[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: is it secure enough
Its as secure as you make it. Check the sys logs daily for attempts to
get in, and readjust your filtering as needed. The next step is to get
the users to pick good passwords and watch the physical side of secutity
(somebody giving out their password). I have set up a cron job to check
all config files and some important programs with an MD5 checksum, just
in case a bad guy gets in and pokes a hole that you may not be looking
for. Right now the MD5 checksums are mailed (not to secure but it works
for now) to me, it would be better to have them print out after a run
(can't edit the hardcopy.)
Paul
Erez Doron wrote:
> I've used my linux as firewall.
>
> i have one ip connected to the internet.
> i use ip-masq for internal computers
> i use ipfwadm to disable ip-spoofing
> i use /etc/hosts.allow & /etc/hosts.deny to allow only local computers
>
> i should menstion here, that the linux-firewall is
> a fully oprational machine ( i.e. mail, nfs, web, ftp , ... )
>
> the question is : is it secure enough ? are there aother things
> i should know of or do ?
>
> btw: i use redhat4.2, kernel 2.0.33. any need to upgrade ( to RH5.0 ?
> )
>
> Regards
> Erez.