Re: Newbie: Help with home machine surveillance
From: Alan W. Frame (alan.frame@acm.org)Date: 01/01/02
- Next message: Kasper Dupont: "Re: I still cannot change my Redhat Firewall settings"
- Previous message: Hal Burgiss: "Re: Is there any sshd/sftp gui ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: alan.frame@acm.org (Alan W. Frame) Date: Tue, 1 Jan 2002 14:05:55 +0000
Tim Haynes <usenet@stirfried.vegetable.org.uk> wrote:
> Dave K. <david345@toast.com> writes:
>
> > I used some website (don't have
> > the name offhand) to check that all my ports were secure.
>
> `netstat -plant | grep LIST' is a bit quicker, although the external
> correlation is reasonable; you have to design your rule-set such that you
> don't just match the ports they scan you for, but in such a way that *if*
> the ports they scan all come back filtered, you know everything else is too.
Indeed.
Out of instinct I netstat -plant'd recently on a random[0] box in a DMZ
and found that a rather old lpr was running - OK, the ipchains on the
box was nailed down, and the packet-filtering on the routers was nailed
down, but if they had failed....
rgds, Alan
[0] I'm in the process of building a replacement - with *only* the
binaries I want on it - and LIDS controlling what binaries can bind to
what ports.
-- 99 Ducati 748BP, 95 Ducati 600SS, 81 Guzzi Monza, 74 MV Agusta 350 "Ride to Work, Work to Ride" SI# 7.067 DoD#1930 PGP Key 0xBDED56C5
- Next message: Kasper Dupont: "Re: I still cannot change my Redhat Firewall settings"
- Previous message: Hal Burgiss: "Re: Is there any sshd/sftp gui ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
