firewall, newby
This is a discussion on firewall, newby within the Linux Security forums, part of the System Security and Security Related category; Hi I recently installed mandrake and have realized (after some intrusion attacks on my windows partition (running dual boot)) that ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-27-2004
|
|||
|
|||
firewall, newby
Hi
I recently installed mandrake and have realized (after some intrusion attacks on my windows partition (running dual boot)) that a firewall is absolutely necessary..with mandrake, upon installation the user is asked to select the security level desired..i chose the recommended setting..on top of this I have also configured a firewall (using the drake firewall setup utility)..will this be enough? or should I remove this firewall and download and install another firewall such as lokkit or firestarter?..I don't want to have a separate linux firewall machine, not now anyhow, so am looking for simple to install firewall software.. also, what about other security aspects for linux that I have on my windows platform..on windows I'm using norton and it provides a firewall, and intrustion detection as well as visual tracking...will having just a firewall for linux suffice? and if its worthwhile, what software could I use for intrusion detection for linux?..currently I'm thinking of installing lokkit or firestarter firewall and am wondering whether that will be enough to get by.. thanks J 
|
|
01-27-2004
|
|||
|
|||
|
Re: firewall, newby
Joseph Jolic wrote:
> Hi > I recently installed mandrake and have realized (after some intrusion > attacks on my windows partition (running dual boot)) that a firewall is > absolutely necessary..with mandrake, upon installation the user is asked > to select the security level desired..i chose the recommended setting..on > top of this I have also configured a firewall (using the drake firewall > setup utility)..will this be enough? What's enough, in your opinion? You left all boxes unchecked in the firewall config, right? I.e. don't let anyone have any access to your box? > or should I remove this firewall and > download and install another firewall such as lokkit or firestarter? You should use the mandrake firewall. Trust me, it's good. > ..I > don't want to have a separate linux firewall machine, not now anyhow, so > am looking for simple to install firewall software.. Use the one mandrake comes with. > > > also, what about other security aspects for linux that I have on my > windows platform..on windows I'm using norton and it provides a firewall, > and intrustion detection as well as visual tracking...will having just a > firewall for linux suffice? Usually, but if you want to install an intrusion detection system, get SNORT. > and if its worthwhile, what software could I > use for intrusion detection for linux?.. SNORT. > currently I'm thinking of > installing lokkit or firestarter firewall and am wondering whether that > will be enough > to get by.. What you currently have should be enough. Just watch the logs, don't log in as root (unless it's to a console as "su root"), etc. Most malicious software vulnerabilities (i.e. adware/spyware) are not possible with linux due to restrictions: to install software you must be root. > > thanks > J -- The makers may make and the users may use, but the fixers must fix with but minimal clues
|
|
01-27-2004
|
|||
|
|||
|
Re: firewall, newby
Hi
Thanks for claryfying things. Currently my mandrake firewall is configured to those settings that you mentioned (all boxes were left unchecked)..I also plan to get SNORT as well. So its harder for internet attacks to infect a linux box because the programs need root permision in order to modify system files etc. I see. But I'm a little unclear by what you mean by: don't log in as root (unless it's to a console as "su root"), etc. Most malicious software vulnerabilities (i.e. adware/spyware) are not possible with linux due to restrictions: to install software you must be root. Do you mean that after boot up if I log in as root and start an X windows environment I'm more vulnerable while connected to the net?? ie malicious code is able to now do harm? But logging in normally (not root) and later opening up a console window and logging in it as root while connected to the net is okay? thank you Joseph "NeoSadist" <neosad1st@charter.net> wrote in message news:101bsqvrhsdu92c@corp.supernews.com... > Joseph Jolic wrote: > > > Hi > > I recently installed mandrake and have realized (after some intrusion > > attacks on my windows partition (running dual boot)) that a firewall is > > absolutely necessary..with mandrake, upon installation the user is asked > > to select the security level desired..i chose the recommended setting..on > > top of this I have also configured a firewall (using the drake firewall > > setup utility)..will this be enough? > > What's enough, in your opinion? > You left all boxes unchecked in the firewall config, right? I.e. don't let > anyone have any access to your box? > > > or should I remove this firewall and > > download and install another firewall such as lokkit or firestarter? > > You should use the mandrake firewall. Trust me, it's good. > > > ..I > > don't want to have a separate linux firewall machine, not now anyhow, so > > am looking for simple to install firewall software.. > > Use the one mandrake comes with. > > > > > > > also, what about other security aspects for linux that I have on my > > windows platform..on windows I'm using norton and it provides a firewall, > > and intrustion detection as well as visual tracking...will having just a > > firewall for linux suffice? > > Usually, but if you want to install an intrusion detection system, get > SNORT. > > > and if its worthwhile, what software could I > > use for intrusion detection for linux?.. > > SNORT. > > > currently I'm thinking of > > installing lokkit or firestarter firewall and am wondering whether that > > will be enough > > to get by.. > > What you currently have should be enough. Just watch the logs, don't log in > as root (unless it's to a console as "su root"), etc. Most malicious > software vulnerabilities (i.e. adware/spyware) are not possible with linux > due to restrictions: to install software you must be root. > > > > > thanks > > J > > -- > The makers may make > and the users may use, > but the fixers must fix > with but minimal clues >
|
|
01-27-2004
|
|||
|
|||
|
Re: firewall, newb
Hi
Thanks for claryfying things. Currently my mandrake firewall is configured to those settings that you mentioned (all boxes were left unchecked)..I also plan to get SNORT as well. So its harder for internet attacks to infect a linux box because the programs need root permision in order to modify system files etc. I see. But I'm a little unclear by what you mean by: don't log in as root (unless it's to a console as "su root"), etc. Most malicious software vulnerabilities (i.e. adware/spyware) are not possible with linux due to restrictions: to install software you must be root. Do you mean that after boot up if I log in as root and start an X windows environment I'm more vulnerable while connected to the net?? ie malicious code is able to now do harm? But logging in normally (not root) and later opening up a console window and logging in it as root while connected to the net is okay? thank you Joseph "NeoSadist" <neosad1st@charter.net> wrote in message news:101bsqvrhsdu92c@corp.supernews.com... > Joseph Jolic wrote: > > > Hi > > I recently installed mandrake and have realized (after some intrusion > > attacks on my windows partition (running dual boot)) that a firewall is > > absolutely necessary..with mandrake, upon installation the user is asked > > to select the security level desired..i chose the recommended setting..on > > top of this I have also configured a firewall (using the drake firewall > > setup utility)..will this be enough? > > What's enough, in your opinion? > You left all boxes unchecked in the firewall config, right? I.e. don't let > anyone have any access to your box? > > > or should I remove this firewall and > > download and install another firewall such as lokkit or firestarter? > > You should use the mandrake firewall. Trust me, it's good. > > > ..I > > don't want to have a separate linux firewall machine, not now anyhow, so > > am looking for simple to install firewall software.. > > Use the one mandrake comes with. > > > > > > > also, what about other security aspects for linux that I have on my > > windows platform..on windows I'm using norton and it provides a firewall, > > and intrustion detection as well as visual tracking...will having just a > > firewall for linux suffice? > > Usually, but if you want to install an intrusion detection system, get > SNORT. > > > and if its worthwhile, what software could I > > use for intrusion detection for linux?.. > > SNORT. > > > currently I'm thinking of > > installing lokkit or firestarter firewall and am wondering whether that > > will be enough > > to get by.. > > What you currently have should be enough. Just watch the logs, don't log in > as root (unless it's to a console as "su root"), etc. Most malicious > software vulnerabilities (i.e. adware/spyware) are not possible with linux > due to restrictions: to install software you must be root. > > > > > thanks > > J > > -- > The makers may make > and the users may use, > but the fixers must fix > with but minimal clues >
|
Linear Mode
