Results 1 to 7 of 7
Hi all,
Well here is the situation. I am moving into a student accomodation next week where they supply us with broadband. Now I want to set up my Linux ...
- 09-01-2004 #1Just Joined!
- Join Date
- Sep 2004
- Location
- Birmingham
- Posts
- 70
Student needs help
Hi all,
Well here is the situation. I am moving into a student accomodation next week where they supply us with broadband. Now I want to set up my Linux box (Knoppix distro) so that I will be safe on the network from internal attacks. What do you suggest I do to secure my box? I thought about blocking all incoming ICMP packets but not sure if this is necessary.
Thanks for any help
Mike
- 09-01-2004 #2Linux Guru
- Join Date
- Apr 2003
- Location
- /dev/urandom
- Posts
- 3,682
Just make sure you don't have any ports that allow new incoming connections, unless you're running a server. You can drop all icmp packets to be safe, too.
"Time is an illusion. Lunchtime, doubly so."
~Douglas Adams, The Hitchhiker's Guide to the Galaxy
- 09-02-2004 #3Just Joined!
- Join Date
- Sep 2004
- Location
- Birmingham
- Posts
- 70
thanks for the reply
I nmap'd myself to see what services I need to take care of, and I am a walking time bomb. As I havent used the Linux on my laptop in a while it is very vulnerable. How can i uninstall the following services?
25-smtp
111-rpcbind
113-ident
515-printer
587-smtp(again)
1024-status
6000-X11
Do i want stop all of them?
Also how will I beable to find the PID for these services when they are running to kill them?
Thanks
- 09-02-2004 #4Linux Newbie
- Join Date
- Jan 2004
- Location
- Belgrade, S&M
- Posts
- 177
Hmm, not sure about how to exactly do it in Knoppix but there should be some startup scripts like /etc/rc.d/rc.M and similar. Just edit them and comment out all the stuff you don't need (sendmail, rpcbind,sshd,httpd....) My only opened port is X11 and it is filtered. How tight it should be depends only on your use of it..
- 09-11-2004 #5Just Joined!
- Join Date
- Jul 2004
- Posts
- 53
Check the documentation on thoses services. The answers lie within.
I've managed to cut back abit. Although I've been struggling to cut X off from the world but I can't seem to find the right place to add the flag -nolisten tcp. Also I don't know if I need finger. ssh really is just there because one day I know I'm going to need it. Also I've heard that there is a vulnerability in kernel 2.4.22, so I'm going to try install 2.6.* when I get up the guts.Code:PORT STATE SERVICE 22/tcp open ssh 79/tcp open finger 113/tcp open auth 6000/tcp open X11
Peace
Update: Got tthe 2.6 kernel installed now, ACPI is still giving me troubles. Yep, with iptables it would be pretty easy to just block those ports, but now that I'm working on getting a wireless card for my laptop that works under linux my AP will be public access (I've heard that wireless is still shakey in regards to security?) so I would still like to shut down X11 without enabling iptables or some other kind of firewire on all of my computers.
- 09-27-2004 #6Just Joined!
- Join Date
- Sep 2004
- Location
- Cape Town, South Africa
- Posts
- 83
I have a firewall installed, (firestarter). From that you can block/deny all the ports you like.
- 09-29-2004 #7Just Joined!
- Join Date
- Sep 2004
- Posts
- 28
Rather than firewalling the first thing to do is to stop all ports that you do not need. Play safe.
Cheers
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
