[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: is it secure enough



Yea, don't run all those server on a firewall......  if somebody uses a hole
in sendmail to get root privileges, then your firewall is useless.  They
could then easily snoop around your entire mail and web sites.  A firewall
must be the only program running on a Linux box to make it secure, and
therefore protecting the rest of your network.

I doubt that have covered all the holes up with your firewall because you
have the initial set up screwed up.  So your firewall is probably useless
anyway.  Not trying to be harsh, just honest.  BTW, do you know what an
attempted crack attempt looks like by searching your logs?  Probably not.
Do you log all the dropped or filtered packets so you can see who or what is
trying to get past?  Probably not.

Sorry for being so blunt, but reality has just set in!

Paul

-----Original Message-----
From: Erez Doron <erez@savan.com>
To: linux ILUG <linux-il@linux.org.il>; linux network group
<linux-net@vger.rutgers.edu>
Date: Friday, January 23, 1998 8:36 AM
Subject: is it secure enough


>
>
>
>I've used my linux as firewall.
>
>i have one ip connected to the internet.
>i use ip-masq for internal computers
>i use ipfwadm to disable ip-spoofing
>i use /etc/hosts.allow & /etc/hosts.deny to allow only local computers
>
>
>i should menstion here, that the linux-firewall is
>a fully oprational machine ( i.e. mail, nfs, web, ftp , ... )
>
>the question is : is it secure enough ? are there aother things
>i should know of or do ?
>
>btw: i use redhat4.2, kernel 2.0.33. any need to upgrade ( to RH5.0 ? )
>
>Regards
>Erez.
>
>
>