Re: is this right?
From: Shawn (greyhat@attbi.com)Date: 05/09/02
- Next message: Ian Jones: "Re: Control Character attacks on line printer log devices"
- Previous message: Shawn: "Re: Chasing down an attacker."
- In reply to: scratch: "is this right?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Shawn" <greyhat@attbi.com> Date: Thu, 09 May 2002 00:55:49 GMT
> I run redhat 7.2 on a DSL connection. The DSL modem I use requires the
user
> to open "pinholes" before the service becomes available to the "outside
> world". I have opened the ports that I need, and on those ports (ie: FTP
> :21), I have restricted these ports on my server (ie: FTP restricted to
real
> users only......class real *).
First off, what are you calling pinholes? What kind of DSL modem do you
have? Unless your modem has a built-in firewall or NAT'ing, more than likely
it does NOT block traffic. You should focus on securing your connection from
the server.
> My question is......do I need to configure my server firewall, or does the
> modem block all ports I haven't opened - therfore requiring me to only
> configure the servers security on the modems open ports. Example: I have
> closed port 22 on the modem, so I shouldn't need to attend to sshd
security?
Security through obscurity is NOT a good theory to follow. As a rule of
thumb, you should turn off all the services you don't need on the server;
period! Hope this helps..
-- Shawn www.intrusiondefense.com
- Next message: Ian Jones: "Re: Control Character attacks on line printer log devices"
- Previous message: Shawn: "Re: Chasing down an attacker."
- In reply to: scratch: "is this right?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
