Re: is it secure enough
On Mon, 19 Jan 1998, Erez Doron wrote:
> I've used my linux as firewall.
>
> i have one ip connected to the internet.
> i use ip-masq for internal computers
> i use ipfwadm to disable ip-spoofing
> i use /etc/hosts.allow & /etc/hosts.deny to allow only local computers

never trust tcpwrappers when you have ipfwadm to protect you at the lower
level.

> i should mention here, that the linux-firewall is
> a fully operational machine ( i.e. mail, nfs, web, ftp , ... )

I suspect you have not read any professional documentation then. "my
firewall is a full server" is an oxymoron. by definition a firewall
machine does nothing but gating services after inspecting them from OSI
level 2 through 5. if you can go as low as 1 or high as 6-7, you are
really secure. The second point is that it must run as few things as
possible, and they all must be themselves small, thoroughly investigated
binaries, atomic if possible, and should not run as root whenever
possible.

I don't need to check your configurations to tell you your machine is NOT
safe. it may be a little more secured than some, but it definitely does not
fall into the definition of a firewall.

>
> the question is : is it secure enough ? are there other things
> i should know of or do ?
>
> btw: i use redhat4.2, kernel 2.0.33. any need to upgrade ( to RH5.0 ? )

my firewall runs 4.1 and 2.0.30. I may need to upgrade my kernel to avoid
D.o.S. attacks, but not a security breach.

I suggest you move all pop, mail, http and FTP services to an intranet
server. if it needs to be viewable from the outside maybe have a three-way
firewall (like mine) and secure the server too.

my firewall only runs Qmail as a mail gateway (blocking local delivery
would have been even better, but not paramount), accepts ntp signals from
my ISP and other sources (no single point of failure) and serves named for
our domain. no other ports are enabled, and inetd is not used. I even
blocked all ICMP activity except for ping. the only other two services it
runs are the backups system and a squid web/ftp cache. both don't run as
root of course, and are only available to inside machines.

as a general rule, it is probably never enough to start with a loaded
machine and peel away all that looks insecure. all firewall cookbooks will
tell you to start with a naked system, add very carefully only the stuff
you need, block all IP communication, and then enable only the absolute
necessities.

if you need more ideas, write back.

--
Ira Abramov <ira(a)scso.com> whois: IA58
** Linux is like a Vorlon. It is incredibly powerful, gives terse,
cryptic answers and has a lot of things going on in the background.
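
The default-deny approach described in the message above, as an added example that is not part of the original post or the author's configuration: an audit that compares a host's listening sockets against an explicit allowlist and reports everything else. The allowlist mirrors the services the reply names (mail gateway, NTP, DNS, and a cache for inside machines only); the port numbers, zone names, addresses and sample listener list are constructed assumptions, and the backup service is left out because the post gives no detail about it.

```python
# Added example: default-deny audit of listening services.
# Ports, zone names, addresses and the sample list are constructed assumptions.

# (proto, port) -> zones allowed to reach it. Anything absent is denied.
ALLOW = {
    ("tcp", 25): {"outside", "inside"},    # mail gateway (SMTP)
    ("udp", 123): {"outside", "inside"},   # NTP
    ("udp", 53): {"outside", "inside"},    # DNS
    ("tcp", 53): {"outside", "inside"},    # DNS over TCP
    ("tcp", 3128): {"inside"},             # web/ftp cache, inside machines only
}

def reachable_zones(bind_addr, inside_addrs):
    """Zones that can reach a socket bound to bind_addr."""
    if bind_addr in ("0.0.0.0", "::"):
        return {"outside", "inside"}       # wildcard bind: every interface
    if bind_addr.startswith("127.") or bind_addr == "::1":
        return set()                       # loopback only
    return {"inside"} if bind_addr in inside_addrs else {"outside"}

def audit(listeners, inside_addrs):
    """Return findings for listeners the allowlist does not cover.

    listeners: iterable of (proto, bind_addr, port, uid) tuples.
    """
    findings = []
    for proto, addr, port, uid in listeners:
        exposed = reachable_zones(addr, inside_addrs)
        extra = exposed - ALLOW.get((proto, port), set())
        if extra:
            findings.append((proto, port, "exposed to " + "/".join(sorted(extra))))
        # Root is only needed to bind ports below 1024.
        if uid == 0 and exposed and port >= 1024:
            findings.append((proto, port, "runs as root on an unprivileged port"))
    return findings

# Constructed sample: a "full server" layout like the one in the quoted question.
INSIDE = {"192.168.1.1"}
SAMPLE = [
    ("tcp", "0.0.0.0", 25, 0),         # mail
    ("tcp", "0.0.0.0", 21, 0),         # ftp
    ("tcp", "0.0.0.0", 80, 0),         # web
    ("udp", "0.0.0.0", 2049, 0),       # nfs
    ("tcp", "192.168.1.1", 3128, 23),  # cache bound to the inside address
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, INSIDE):
        print(finding)
```

On a real host the listener tuples would come from the system's socket listing; the audit reports what to remove or rebind, it does not replace packet filtering at the lower level.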