On Thu, 21 Nov 2002, cliff rogers wrote: > OK all, I am finally the proud owner of a linux box that is my > router/firewall. I went to Gibson Research and ran the shields up and > port probe to test my firewall and it tells me that my computer is > secure. My request is: how do I check further to make sure I am secure? > I ask because I have had a couple of mail-delivery-failed notifications > that I don't think I sent out. I am using a distro called clarkconnect > and I think it is a preconfigured setup. If someone could give me some > advice or tell me where I can go to check it further I would appreciate > it. Also if someone knows how to access from a different computer it > would help cause my wife wants her monitor and keyboard back on her > computer for some reason:) All help is greatly appreciated. Cliff > First things first, congrats on the new addition to your family. Secondly, treat that firewall like you would your child. Don't let it sit unattended, pay attention to it. Disbelieve when other people tell you that your firewall is a great kid. Listen when it cries and take note when it's really quiet. The logs it produces aren't refridgerator-magnet worthy, but you should at least look at them when produced. The 'secure' computer is the one that isn't operating. As long as a machine is attached to the network, it's vulnerable. Firewalls and computers should come with security ratings similiar to what's used for safes and vaults, which are generally time based, indicating how long it would take to penetrate given proper tools. That's why banks have alarm systems. Knowing there's an attack going on is just as important as slowing or stopping that attack. As far as accessing your firewall, I'd suggest a monitor and keyboard, or a serial cable to a console enabled ttyS0. If your wife is very tolerant, a dot matrix printer doing nothing but sending your firewall output to hardcopy would be a good bet, too, as well as cheap. It covers notification and secured log output in one stroke. As always, you need to find the balance between convenience and security. - billn