Re: [fw-wiz] Securing a Linux Firewall
From: Kevin Steves (kevin@atomicgears.com)
Date: 07/26/02
From: Kevin Steves <kevin@atomicgears.com>
To: Marc DVer <mdver@whiteeagletox.com>
Date: Fri Jul 26 20:49:01 2002
On Tue, Jul 23, 2002 at 11:37:38AM -0400, Marc DVer wrote:
> I have a computer set up for the exclusive use as a gateway/firewall running
> IPChains. I would like to know if I can safely shut down the rpc.statd
> service. According to the man page, "It is used by the NFS file locking
> service, rpc.lockd, to implement lock recovery when the NFS server machine
> crashes and reboots." Since I am not using NFS (or at least I believe I am
> not; the firewall is the only *nix computer on the network, and isn't used
> for file sharing) can I safely turn this off? I have read that turning off
> unneeded services is needed to secure a Linux box, which is doubly a concern
> with a firewall.

My basic methodology for constructing a bastion host is outlined in:

http://people.hp.se/stevesk/bastion11.html

Yes, the example is on HP-UX 11, but the general approach is applicable
to many Unix environments. I have used the strategy on Redhat Linux,
for example.

I prefer Unix operating environments that easily permit a "minimal" or
"secure by default" install. Then the user can add the software and
packages that they require. The strip-down approach is flawed, but in
many cases there is no other choice.

--
Kevin Steves | kevin@atomicgears.com
Atomic Gears LLC | http://www.atomicgears.com/