[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sheflug] Re: Suggestions of distro?

To: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Subject: RE: [Sheflug] Re: Suggestions of distro?
From: Barrie Bremner <xxxxx [at] xxxxxxxxxxxxxxxxx>
Date: Tue, 18 Dec 2001 18:57:37 +0000
Envelope-To: <shef-lug [at] list.sheflug.org.uk>
List-Help: <mailto:shef-lug-request [at] list.sheflug.org.uk?subject=help>
List-Id: Sheflug <shef-lug.list.sheflug.org.uk>
List-Post: <mailto:shef-lug [at] list.sheflug.org.uk>
List-Subscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=subscribe>
List-Unsubscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=unsubscribe>
Reply-To: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Sender: shef-lug-admin [at] xxxxxxxxxxxxxxxxxxx

>>>>> "Neil" == Neil R Porter <Neil> writes:

    Neil> Hiya James What problems have you got with it?  You say it's
    Neil> not secure... Do you mean you've checked it on something
    Neil> like http://grc.com and it says your shields are down and
    Neil> your ports are open (those that you want closed anyhoo)?
    Neil> Bastille-firewall works out of the box.  You can either
    Neil> configure it using the mandrake control centre or by editing
    Neil> the bastille-firewall.cfg file (in /etc/Bastille).  Don't
    Neil> worry too much about messing with the cfg file unless you
    Neil> need to tweak it (I had to to allow my LAN to be
    Neil> 'trusted')... I'll send you my cfg file off list if you need
    Neil> it.

I'd leave grc.com alone - it's not all that useful.
I'll give you a brief (and rather slow) check on a few common ports,
but if you _really_ want to check things out properly, you can't do
much better than to use 'nmap'.

Nmap is installed by default on some systems, if not
http://insecure.org/ or Freshmeat are the places to go.

Bastille and other hardening scripts are a good idea, but part of the
role of such a script - especially with Bastille is to educate the
admin as to exact what is being done and why - pay attention - you'll
probably need to know what's been done incase something 'breaks' after
Bastille blocks traffic :-)

    Neil> As for other things, I'm not sure what else you need.  All
    Neil> the net 'probers' have told me that my system is pretty well
    Neil> locked down and as for other services, well I'm running web,
    Neil> ftp, samba, net connection sharing, the lot with my linux
    Neil> box on LM8.1.

Cheers.

Baz.

-- 
Barrie J. Bremner		OpenPGP public key ID: F78CEE08
baz [at] barriebremner.com	http://barriebremner.com/


___________________________________________________________________

Sheffield Linux User's Group - http://www.sheflug.co.uk . 
To unsubscribe from this list send mail to 
shef-lug-request@list.sheflug.org.uk with the word
"unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.

Follow-Ups:
- RE: [Sheflug] Re: Suggestions of distro?
  - From: Neil R Porter

References:
- Re: [Sheflug] Re: Suggestions of distro?
  - From: James Bruce
- RE: [Sheflug] Re: Suggestions of distro?
  - From: Neil R Porter

Prev by Date: Re: [Sheflug] Re: [Sheflug] Re: Suggestions of distro?
Next by Date: RE: [Sheflug] Re: Suggestions of distro?
Prev by thread: RE: [Sheflug] Re: Suggestions of distro?
Next by thread: RE: [Sheflug] Re: Suggestions of distro?
Index(es):
- Date
- Thread