LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 11-06-2004, 12:44 PM   #1
schteelhead
LQ Newbie
 
Registered: Aug 2004
Location: 32.47 / -86.44
Distribution: Slack10, W2k
Posts: 21

Rep: Reputation: 15
Need IDS if using IPtables/Firewall??


Howdy,

I have got my Slack 10 install on the net, running fine on dial-up right now, and am using Firestarter as a firewall front end. I am also using chkrootkit as the second leg in my security stance.

My question is: Do I actually need to use an intrusion detection utility like snort, or a file integrity checker like tripwire, in addition to these first steps??

I want to have a fairly secure system, but I am not overly paranoid unless someone here convinces me to be otherwise.

If I have have any obvious misperceptions please correct me, I am a Linux newcomer, and don't really know much of what I am talking about here.

Thank you, Head
 
Old 11-06-2004, 01:28 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally posted by schteelhead
Do I actually need to use an intrusion detection utility like snort, or a file integrity checker like tripwire, in addition to these first steps??
it depends on what the box or network is doing and how valuable the data on it is... for the average joe using linux on the desktop, tools like tripwire and snort are nothing but optional security enhancements... on the other hand, for a system administrator at the local hospital (for example), they might be required tools... and depending on their level of paranoia they might even use an application gateway:

http://www.balabit.com/products/zorp_gpl/

=)


oh, by the way, check-out rootkit hunter, i think it's got some edge over chkrootkit:

http://www.rootkit.nl


and it's also a good idea to subscribe to the slackware security mailing list:

http://www.slackware.com/lists/


Last edited by win32sux; 11-06-2004 at 07:19 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables with iptables-firewall.conf arno's matt3333 Slackware 16 06-28-2007 08:20 AM
Firewall & IDS GUI alerts on KDE: I want them! AvatarofVirgo Linux - Security 2 02-22-2005 08:38 PM
Stealth Firewall, IDS, and syslog server? OlRoy Linux - Security 8 11-08-2003 05:10 PM
help about IDS and firewall Babba Linux - Security 2 02-11-2003 06:35 AM
GUI Firewall/IDS netmatrix0 Linux - Security 7 12-07-2002 10:18 PM


All times are GMT -5. The time now is 06:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration