Re: Pro-active Security Software?
From: Joe (joe_at_jretrading.com)
Date: 08/06/03
- Next message: Keith Keller: "Re: root equivalent user"
- Previous message: Ed: "Re: root equivalent user"
- In reply to: David P. Donahue: "Re: Pro-active Security Software?"
- Next in thread: David P. Donahue: "Re: Pro-active Security Software?"
- Reply: David P. Donahue: "Re: Pro-active Security Software?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 5 Aug 2003 23:16:44 +0100
In message <bgmn7m$e4u$1@camelot.ccs.neu.edu>, David P. Donahue
<ddonahue@ccs.neu.edu> writes
>Nmap! That's what my friend used to use (probably still does, we're out of
>touch these days)! Man, that was bugging me, thanks :)
>
>Looks like that'll take care of alot of what I want. I'll look into
>iptables, too, and see how well that fits into my network design (Linksys
>router/firewall device behind which sit a bunch of machines, half Windows
>and half Linux). I suppose it would be more ideal to stick a dual-nic Linux
>box between the Internet and my network and be really hands-on with the
>firewalling, but I'll need to do alot of research and testing before I trust
>anything I setup.
Try ipcop, as near a firewall-in-a-box as you can get. And free.
Ultimately, you will need to deal with iptables, which is not too hard.
There are good, basic tutorials, as well as various HOW-TOs which should
exist in any Linux distribution.
>
>If anybody has any other suggestions for preventing the "hard crunchy shell,
>soft chewy underbelly" approach, as mentioned in another post in this group,
>I'm always listening for ideas. I just never could shake that feeling that
>I need more security on my network, especially with my wife's amazing
>ability to download and execute things she shouldn't.
>
Iptables can use PIDs, so it is possible to designate Linux applications
which should have Internet access. TCP/IP does not carry details of the
originating program, so this only works on the machine which is running
iptables. To further protect the interior Linux network machines,
iptables running on those machines should be told which programs are
authorised to connect to Internet hosts.
This is more of a problem with Windows, so much so that several (free
for non-commercial use) 'personal' firewalls exist. ZoneAlarm and Kerio
are two names to google for, and there are others. With these, there is
an operational mode and a training mode: in the latter you tell the
firewall which applications can connect, possibly to which Internet
hosts. These firewalls have commercial equivalents which allow more
precise control. I have an ancient program called AtGuard which allows
quite precise control, and I believe Norton Firewall is a latter-day
version of this.
I'm afraid that the biggest security improvement to Windows is not to
use either Internet Explorer or Outlook/Outlook Express. Unfortunately
many Windows users are unable to survive without them, but there are
alternatives. Opera and Mozilla are two browsers/email clients available
on Windows and Linux., which are generally not stupid enough to execute
downloaded programs in emails or Web pages. A few Web sites will not
work with anything but IE, but you must decide where the
security/functionality tradeoff is set.
-- Joe
- Next message: Keith Keller: "Re: root equivalent user"
- Previous message: Ed: "Re: root equivalent user"
- In reply to: David P. Donahue: "Re: Pro-active Security Software?"
- Next in thread: David P. Donahue: "Re: Pro-active Security Software?"
- Reply: David P. Donahue: "Re: Pro-active Security Software?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
