Harondel J. Sibble (help@pdscc.com)
Tue, 20 Oct 1998 15:05:43 -0700
Is that wise? Are there no known exploits? Seems a tad "crazy" if you ask
me? I've only been using Linux for less than a year, but I'd say I've gotten
_sufficiently_ paranoid by reading Bugtraq, Anti-Online, Rootshell etc. Not
to mention the fact that I have friends who manage some major sites who have
been attacked, in one case they were effectively shut down (including all
the ISP's thousands of clients) for over a week due to a major synflood
attack.
Then there are a few books on my shelf
1) Internet Security - Professional Reference 2nd ed by New Riders Press
2) Building Internet Firewalls - by ORA
3) Maximum Security - Sam's Publishing
4) Practical Unix & Internet Security by ORA which as one of the posters in
   the Linux books thread mentioned is a classic
5) Internet firewalls and network security - don't remember who published.
Everything I've read on the net and in the above and other books says that
one should ALWAYS avoid enabling extra ports through a firewall,
especially things like time stuff!
It's interesting that one of the folks in this thread mentioned getting some
700 or so packets through his time update hole in the firewall.....
On 20 Oct 98, at 14:27, Curt Sampson wrote:
> Seems like more work to me than just poking a hole in your firewall,
> starting xntpd on boot, and forgetting about the whole thing.
Harondel J. Sibble
Sibble Computer Consulting
Creating solutions for the small business and home computer user.
help@pdscc.com (pgp enabled) http://www.pdscc.com
(604) 739-3709 (voice/fax) (604) 686-2253 (pager)
This archive was generated by hypermail 2.0b3 on Mon 02 Nov 1998 - 03:23:17 PST