linux firewall/router

Author: Bill Nash
Date:  
New-Topics: Red-carpet
Subject: linux firewall/router



On Thu, 21 Nov 2002, cliff rogers wrote:

> OK all, I am finally the proud owner of a linux box that is my
> router/firewall. I went to Gibson Research and ran the shields up and
> port probe to test my firewall and it tells me that my computer is
> secure. My request is: how do I check further to make sure I am secure?
> I ask because I have had a couple of mail-delivery-failed notifications
> that I don't think I sent out. I am using a distro called clarkconnect
> and I think it is a preconfigured setup. If someone could give me some
> advice or tell me where I can go to check it further I would appreciate
> it. Also if someone knows how to access from a different computer it
> would help cause my wife wants her monitor and keyboard back on her
> computer for some reason:) All help is greatly appreciated. Cliff
>


    First things first, congrats on the new addition to your family.
Secondly, treat that firewall like you would your child. Don't let it sit
unattended, pay attention to it. Disbelieve when other people tell you
that your firewall is a great kid. Listen when it cries and take note when
it's really quiet. The logs it produces aren't refrigerator-magnet
worthy, but you should at least look at them when produced.


    The 'secure' computer is the one that isn't operating. As long as
a machine is attached to the network, it's vulnerable. Firewalls and
computers should come with security ratings similar to what's used for
safes and vaults, which are generally time based, indicating how long it
would take to penetrate given proper tools. That's why banks have alarm
systems. Knowing there's an attack going on is just as important as
slowing or stopping that attack.


    As far as accessing your firewall, I'd suggest a monitor and
keyboard, or a serial cable to a console enabled ttyS0. If your wife is
very tolerant, a dot matrix printer doing nothing but sending your
firewall output to hardcopy would be a good bet, too, as well as cheap. It
covers notification and secured log output in one stroke.


    As always, you need to find the balance between convenience and
security.


- billn