firewall

George Toft george at georgetoft.com
Sat Aug 30 15:25:51 MST 2014


Because I had outgoing rules defined, I actually found out I had an 
infected Windows 98 box (yeah - long time ago).  Said Win98 box was 
running a leading AV program and was infected by one of the most popular 
viruses.  This event boosted my faith in outbound monitoring and 
destroyed my faith in AV products.

Regards,

George Toft

On 8/27/2014 9:39 AM, Lisa Kachold wrote:
> The most important thing you can do is FIREWALL outbound traffic as 
> well as inbound.
>
> It's a great deal of work, but clearly nepharious traffic will be dropped.
>
>
> On Wed, Aug 27, 2014 at 7:32 AM, Bob Elzer <bob.elzer at gmail.com 
> <mailto:bob.elzer at gmail.com>> wrote:
>
>     My question would be, how many times a day does someone try to
>     break into your system ?
>
>     If you don't know the answer then maybe you should be running a
>     firewall.
>
>     It really depends on whether your network is secure or not,
>     usually what secures your network is a firewall. If that's the one
>     on your router then that should be enough.
>
>     Looking in your log files for strange IP's and failed password
>     attempts will let you know if people are trying to get in, if
>     you're running a web server look in the error logs for attempts to
>     access non existing files, usually a bunch from the same IP.
>
>     Windows may have more vulnerabilities, but they will still try to
>     break into Linux systems.
>
>     Search and read about fail2ban, that's one tool to use when you
>     need to have a service open to the internet.
>
>     Hope this helps
>
>     On Aug 26, 2014 8:15 PM, "Michael Havens" <bmike1 at gmail.com
>     <mailto:bmike1 at gmail.com>> wrote:
>
>         I hear people say, "Even Linux users need a firewall."
>         My question is..... why? I've runlinux since '98 w/o a
>         firewall (aside from the one sent with my modem/router). Isn't
>         that good enough?
>         :-)~MIKE~(-:
>
>         ---------------------------------------------------
>         PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>         <mailto:PLUG-discuss at lists.phxlinux.org>
>         To subscribe, unsubscribe, or to change your mail settings:
>         http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>     ---------------------------------------------------
>     PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>     <mailto:PLUG-discuss at lists.phxlinux.org>
>     To subscribe, unsubscribe, or to change your mail settings:
>     http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20140830/20936ef6/attachment.html>


More information about the PLUG-discuss mailing list