linux firewall/router

Jay plug-discuss@lists.plug.phoenix.az.us
Thu, 21 Nov 2002 14:42:07 -0700 (MST) 

Hi Cliff. Here's some comments below. Disclaimer: I work with a company
that does security scanning and vulnerability assessment. Thus, my
opinions are biased. :)  Shameless plug: Nonetheless, our service will fit
your needs and it's only $25 for a remote security scan, vulerability
assessment, and complete report. Edgeos - http://www.edgeos.com

  * Information/network security testing and vulnerability assessment is
MUCH more than just checking for the existence of file sharing. In all
honesty, just checking file sharing and then calling your computer/network
"secure" would be like only looking at the first line-item on your bank
statment and then calling all of the remaining charges good (without even
looking at them). In your case this is even more true, as GRC is 100%
Windows-centric and you're running a Linux system.

  * GRC's Shields Up only tests ONE port for ONE service. It is, quite
possibly, the WORST "security service" available today (in my biased
opinion). See the above example. Another relevent example would be to say
that because you checked one bathroom window in your house, your entire
house is now secure. Of course, that is certainly not true. You'll find
that many non-techincal Windows people love GRC, while most hard-core
technology experts and UNIX folks *hate* GRC. This is because GRC pacifies
people (who don't know any better) into a false sense of security and then
makes them think that they're safe. Again, my opinion = very biased.
However, I'm glad to see that you're looking for something beyond GRC. The
world would be a much better place if everyone would do that. :)

  * Edgeos is also not the end-all-be-all of security services. However,
we certainly don't claim to be either. :)  We specifically tell people
exactly what they'll get from our service. A non-security professional
would assume that Edgeos and GRC are the same type of service offering the
same level of information and protection. Simply not true:

                 GRC            Edgeos
----------------------------------------
Ports tested:     2             65,535
Threats tested:   1              1,124

Hope that helps. OBLinux: Edgeos' network is 100% Linux based and the
scanning engine we use (Nessus) is open source. :)

~Jay




On Thu, 21 Nov 2002, cliff rogers wrote:

> OK all, I am finally the proud owner of a linux box that is my router/firewall. I went to Gibson Research and ran the shields up and port probe to test my firewall and it tells me that my computer is secure. My request is: how do I check further to make sure I am secure? I ask because I have had a couple of mail-delivery-failed notifications that I don't think I sent out. I am using a distro called clarkconnect and I think it is a preconfigured setup. If someone could give me some advice or tell me where I can go to check it further I would appreciate it. Also if someone knows how to access from a different computer it would help cause my wife wants her monitor and keyboard back on her computer for some reason:) All help is greatly appreciated. Cliff
>

-- 
~Jay