  1. #1
    Just Joined!
    Join Date
    Sep 2004
    Location
    Birmingham
    Posts
    70

    Student needs help


    Hi all,

    Well, here is the situation. I am moving into student accommodation next week where they supply us with broadband. Now I want to set up my Linux box (Knoppix distro) so that I will be safe on the network from internal attacks. What do you suggest I do to secure my box? I thought about blocking all incoming ICMP packets but I'm not sure if this is necessary.

    Thanks for any help

    Mike

  2. #2
    Linux Guru sarumont's Avatar
    Join Date
    Apr 2003
    Location
    /dev/urandom
    Posts
    3,682
    Just make sure you don't have any ports that allow new incoming connections, unless you're running a server. You can drop all ICMP packets to be safe, too.
    "Time is an illusion. Lunchtime, doubly so."
    ~Douglas Adams, The Hitchhiker's Guide to the Galaxy

  3. #3
    Just Joined!
    Join Date
    Sep 2004
    Location
    Birmingham
    Posts
    70
    thanks for the reply

    I nmap'd myself to see what services I need to take care of, and I am a walking time bomb. As I haven't used the Linux on my laptop in a while, it is very vulnerable. How can I uninstall the following services?

    25-smtp
    111-rpcbind
    113-ident
    515-printer
    587-smtp(again)
    1024-status
    6000-X11

    Do I want to stop all of them?
    Also, how will I be able to find the PID for these services when they are running, to kill them?

    Thanks

  5. #4
    Linux Newbie
    Join Date
    Jan 2004
    Location
    Belgrade, S&M
    Posts
    177
    Hmm, not sure exactly how to do it in Knoppix, but there should be some startup scripts like /etc/rc.d/rc.M and similar. Just edit them and comment out all the stuff you don't need (sendmail, rpcbind, sshd, httpd...). My only open port is X11 and it is filtered. How tight it should be depends only on your use of it.

  6. #5
    Just Joined!
    Join Date
    Jul 2004
    Posts
    53
    Check the documentation on those services. The answers lie within.
    Code:
    PORT     STATE SERVICE
    22/tcp   open  ssh
    79/tcp   open  finger
    113/tcp  open  auth
    6000/tcp open  X11
    I've managed to cut back a bit. Although I've been struggling to cut X off from the world, I can't seem to find the right place to add the flag -nolisten tcp. Also, I don't know if I need finger. ssh really is just there because one day I know I'm going to need it. Also, I've heard that there is a vulnerability in kernel 2.4.22, so I'm going to try to install 2.6.* when I get up the guts.

    Peace

    Update: Got the 2.6 kernel installed now, ACPI is still giving me troubles. Yep, with iptables it would be pretty easy to just block those ports, but now that I'm working on getting a wireless card for my laptop that works under Linux, my AP will be public access (I've heard that wireless is still shaky in regards to security?), so I would still like to shut down X11 without enabling iptables or some other kind of firewire on all of my computers.

  7. #6
    Just Joined!
    Join Date
    Sep 2004
    Location
    Cape Town, South Africa
    Posts
    83
    I have a firewall installed (firestarter). From that you can block/deny all the ports you like.


  8. #7
    Just Joined!
    Join Date
    Sep 2004
    Posts
    28
    Rather than firewalling, the first thing to do is to stop all ports that you do not need. Play safe.


    Cheers
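
An added example, not part of any post in this thread: post #3 asks how to find the PID behind each open port, and post #7 advises stopping what you don't need. The sketch below assumes a current system with iproute2's `ss` (an assumption, the thread does not mention it) and parses `ss -H -ltnp` output into port, bind address, reachability and owning process. The sample lines and function names are constructed for illustration.

```shell
# Constructed sample of `ss -H -ltnp` output (not taken from the thread).
sample_ss_output() {
cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 100 127.0.0.1:25 0.0.0.0:* users:(("master",pid=1033,fd=13))
LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=640,fd=4))
LISTEN 0 128 [::]:6000 [::]:* users:(("Xorg",pid=950,fd=1))
LISTEN 0 5 [::1]:631 [::]:* users:(("cupsd",pid=701,fd=6))
EOF
}

# Read `ss -H -ltnp` lines on stdin; print "port address scope pid program".
# scope is "local" for loopback-only listeners and "network" for anything
# another machine on the LAN can reach. Only the first owning process is shown.
listeners() {
  awk '
  $1 == "LISTEN" {
    addr = $4
    port = addr; sub(/.*:/, "", port)        # text after the last colon
    host = addr; sub(/:[^:]*$/, "", host)    # text before the last colon
    scope = (host ~ /^127\./ || host == "[::1]") ? "local" : "network"
    pid = "-"; prog = "-"                    # users:(...) is absent without root
    if (match($0, /pid=[0-9]+/)) pid = substr($0, RSTART + 4, RLENGTH - 4)
    if (match($0, /\(\("[^"]+"/)) prog = substr($0, RSTART + 3, RLENGTH - 4)
    print port, host, scope, pid, prog
  }'
}

# Only the listeners reachable from the network: the ones to stop,
# or to rebind to loopback, before relying on a firewall.
exposed() { listeners | awk '$3 == "network"'; }

# Demonstration on the constructed sample.
sample_ss_output | exposed
```

On a live machine, run `ss -H -ltnp | exposed` as root so the process column is populated.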
