On Thu, 8 Mar 2001, Dave Ihnat wrote:
> On Thu, Mar 08, 2001 at 11:35:57AM -0500, Jerry Winegarden wrote:
> > The keys to prevention (in order of importance):
>
> Uh...the VERY FIRST thing on that list should be enabling ipchains/iptables
> (depending on your version) and setting up your firewalling...
If you are just a single machine, there isn't much to be gained by running
ipchains. I suppose that you could install a second ethernet card in your
one machine and then you could be your own firewall. A lot of extra
effort, but why?
If I had more than one box on a LAN and if I had traffic (such as smb)
that I wanted to protect, the firewall is helpful. I have installed
several. I currently have a bunch of machines behind one and a few not
behind one.
No, the VERY first thing is actually to properly configure tcpwrappers
(/etc/hosts.allow and deny) - heh even IPTABLES can now use them.
Except for security patch updates, properly configured tcpd is the single
most important thing to do for security. ipchains/iptables may be in
order in many cases, but certainly not the VERY FIRST THING! :-)
>
--
***************************************************************************
Jerry Winegarden OIT/Technical Support Duke University
[EMAIL PROTECTED] http://www-jerry.oit.duke.edu
***************************************************************************
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
