LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-06-2003, 08:30 PM   #1
Babba
LQ Newbie
 
Registered: Nov 2002
Posts: 20

Rep: Reputation: 0
help about IDS and firewall


1 Should i place my IDS inner or outer firewall?

2 what should i do if my friewall is hacked?
 
Old 02-07-2003, 04:02 AM   #2
Noerr
Member
 
Registered: May 2002
Location: Dalec, HU
Distribution: Redhat 7.3
Posts: 696

Rep: Reputation: 30
1) if you need it for outsiders, put it out, otherwise let it in

2) Start reading CERT issues, and bug reports, and get enough info to figure out how they broke into your server, and how to get them out (not so easy task, unless you have some "script kiddies" in your box)

good luck
 
Old 02-11-2003, 06:35 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,671
Blog Entries: 54

Rep: Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953
1. Even tho it depends on how your fw's are configured to let tru traffic I'd say: both. Like in the Single Point of Failure thingie.

2. If your firewall got cracked this means you've been running daemons on the fw, and that's a bad habit unless you know what you're doing and accept the risks. In essence fw's are for regulating traffic, not for serving (public) services.

Read this at least:
UNIX Security Checklist v2.0: [url]www.cert.org/tech_tips/unix_security_checklist2.0.html[url],
The Twenty Most Critical Internet Security Vulnerabilities: http://www.sans.org/top20/,
Steps for Recovering from a UNIX or NT System Compromise: www.cert.org/tech_tips/root_compromise.html,
Security tips: www.cert.org/tech_tips/ and www.cert.org/security-improvement/.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall & IDS GUI alerts on KDE: I want them! AvatarofVirgo Linux - Security 2 02-22-2005 08:38 PM
Need IDS if using IPtables/Firewall?? schteelhead Linux - Security 1 11-06-2004 01:28 PM
Stealth Firewall, IDS, and syslog server? OlRoy Linux - Security 8 11-08-2003 05:10 PM
Ids? zuessh Linux - Security 9 04-26-2003 06:48 AM
GUI Firewall/IDS netmatrix0 Linux - Security 7 12-07-2002 10:18 PM


All times are GMT -5. The time now is 10:27 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration