Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I recently swithced to from dial-up to ADSL. I have a router connected to the phone line, my linux box connected by ethernet and my wife's windows laptop connected wirelessly.
When we used dial up, for a firewall I used Guarddog, with Zonealarm on the windows machine. Both of these produced a 100% stealthed result on the test at grc.com.
Now with my new set-up, the result isn't so good. Ports 21, 23 ,80,254 and 255 are stealthed, but the rest are showing up, albeit as closed.
My router does have a firewall, but I'm not sure if I can configure it further. I skimped and bought a cheap generic router, with a very basic manual. All it says about the firewall is:
"The Conexant firmware includes the Free BSD version firewall. All UDP/TCP ports are protected from intrusion."
Now my question is: How worried should I be? The IP address that grc is testing is just my router, not my actual computers, which have their own addresses on the subnet, and are presumably still invisible behind Guarddog and Zonealarm. Even on the router, if 21(FTP) and 80(HTTP) are stealthed, that should be OK. Shouldn't it? Or am I horribly misunderstanding some basic concept here?
I wouldn't be too worried at all. I have one of these connexant based modem/routers as well and I am running a webserver behind it and only 80 is open. Basically if the ports are stealthed then they will not respond to probes which is what hackers are looking for in order to penetrate the system. Most of the things I see coming in on a daily basis are M$ exploits via port 80. I have never seen any other attempt come through the router in the 9 months I have been running my system on the router. I do also have firewalling on the server as well and use snort and portsentry but have not seen any probes to date.