LinuxQuestions.org


darkpark 12-08-2003 02:03 PM

should I bother with configuring security on my linux box if...
 
I already have a firewall on my inexpensive Netgear DSL/cable router. Additionally, I have MAC address filtering enabled too.

stingx 12-08-2003 03:10 PM

Re: should I bother with configuring security on my linux box if...
 
Quote:

Originally posted by darkpark
I already have a firewall on my inexpensive Netgear DSL/cable router. Additionally, I have MAC address filtering enabled too.

You should ALWAYS turn off unnecessary services/ports. Disable ftp and telnet (use ssh and sftp) as a start, ditch sendmail if you don't need it, etc.

Of course, if you really don't feel like it, screw it...
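
An added example, not part of stingx's post or of the thread: a shell function that applies the advice above by reading `ss -Htln` output and reporting TCP listeners that other hosts can reach and that are not on an allowlist, with a hint for ftp, telnet and smtp. The function name `audit_listeners`, its allowlist argument and the sample listener lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `ss -Htln` lines on stdin and reports listeners
# reachable from other hosts. $1 is a space-separated list of allowed ports.
audit_listeners() {
    awk -v allowed="$1" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
        hint[21] = "ftp: cleartext, use sftp"
        hint[23] = "telnet: cleartext, use ssh"
        hint[25] = "smtp: remove the mail daemon if unused"
    }
    $1 == "LISTEN" {
        addr = $4
        port = addr
        sub(/.*:/, "", port)       # keep the text after the last colon
        sub(/:[^:]*$/, "", addr)   # keep the text before the last colon
        # Loopback-only listeners cannot be reached from the LAN or router.
        if (addr ~ /^127\./ || addr == "[::1]") next
        if (port in ok) next
        msg = (port in hint) ? hint[port] : "not in allowlist"
        printf "%s %s %s\n", addr, port, msg
    }'
}

# Constructed sample of `ss -Htln` output (not taken from a real host).
SAMPLE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 32 0.0.0.0:21 0.0.0.0:*
LISTEN 0 100 127.0.0.1:25 0.0.0.0:*
LISTEN 0 128 [::]:23 [::]:*
LISTEN 0 5 0.0.0.0:631 0.0.0.0:*'

# Only ssh (22) is expected on this box; everything else is reported.
printf '%s\n' "$SAMPLE" | audit_listeners "22"

# On a live system: ss -Htln | audit_listeners "22"
```
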

darkpark 12-08-2003 03:33 PM

:D I most definitely would rather not have to do it... (I'm one lazy sob) but is the security on those inexpensive DSL/cable routers good enough for the home?
I'm not running a business or anything of that sort but I would like some security.

Blinker_Fluid 12-08-2003 04:58 PM

What have you got to lose? (there's your answer to how important it is...)
I have my home system behind a D-Link router, have left all the ports closed on the router, and my ISP doesn't give me an external IP, so I'm not really worried about my box at home... Of course most of the stuff I want to keep I burn to CD, so even if I was hacked I fdisk and start from scratch.

Capt_Caveman 12-08-2003 05:57 PM

One thing to always keep in mind is that the various routers/modems/and even firewall appliances have vulnerabilities just like anything else. They may not occur as often, simply because they have limited applications that are exposed, but they do happen. If you want to set up a secure LAN, you should not be following the "hard outer-shell, with soft interior" model. You want something that is multi-layered, has redundant functions to fall back on, and, if you have the hardware, is capable of detecting abnormalities inside the LAN. So why not use multiple firewalls, use tcp_wrappers and iptables, and remove un-needed apps (as per the good advice of stingx). That way you'll avoid a whole lot more grief if/when someone comes up with an exploit for your router.

chort 12-09-2003 12:49 AM

You're looking at it wrong. You shouldn't ask "why should I bother?"; you should ask "why don't more people bother?"

Ever wonder how the Code Red worm spread? What about SQL Slammer? You would think firewalls would stop them, right? WRONG. Those worms went nuts because they used services that were allowed THROUGH the firewall. A firewall is not a panacea, it's not a solve-all solution. A firewall is just to give you a little buffer, a little *extra* protection over what you've already implemented.

Security should always work inside out. Protect your systems with widening rings. Why is this? Because over 80% of system compromises happen from insiders. An insider is anyone who was permitted access to your system at some level or another, then exploited that access to wreak havoc.

By now you're still thinking, "so what?" "So I'll just reformat if I get cracked." While your data might not be important, I'll bet you like using Google. I'll bet you don't like receiving spam, you may even use Amazon or eBay occasionally. Now it's really annoying when you can't use those sites because they're getting DDoS'd, or when you have to go through 200 e-mails in the morning because of spam.

Where am I going with this? Well where do you think DDoS's come from? Where do you think the majority of spam comes from? COMPROMISED MACHINES FROM PEOPLE LIKE YOU WHO DON'T THINK IT'S "WORTH IT" TO SECURE THEIR BOXES!!! The vast majority of computer users are exactly like you, which is why it's so easy to trojan a bunch of boxes and launch a DDoS or a massive flood of spambots.

Take it from a professional security engineer: secure your machines.

fotoguy 12-09-2003 08:15 AM

I have a home network as well with a router; I also run a firewall between my router and the cable modem. I too have nothing of any value on my network; if they crashed it, it would be more time lost if anything, but making it easier for them is not the answer. My system is not the most secure it could be, but with time and learning it will be. With security it's a constant learning curve, never set and forget; you're always learning.

Aftiel 12-11-2003 12:18 PM

I use the Homeportal 2-wire DSL modem/router - which has some decent firewall protection.

My network is behind it - 1 linux box, 4 windows machines.

The Homeportal allows for good updates to the firewall software, so in my case I don't run client firewalls.

However, I DO run nessus against my router, as well as nmap to check/update any vulnerabilities.


I also keep my Linux box completely patched at all times.

In the past 2 weeks my firewall logs have recorded 6 hacker attacks - none got through, all were logged.

In my case, nessus shows no vulnerabilities in my router (with the latest software,) so "I" feel running firewalls behind that one (for me) is overkill.

Bear in mind however, that e-v-e-r-y-t-h-i-n-g is patched and up-to-date.

Does your router do NAT and stateful packet inspection I assume? Along with limiting outbound (as well as inbound) traffic?

.: Aftiel

2damncommon 12-11-2003 09:37 PM

I set up the simple Firestarter firewall on my PC, even though it is behind a firewall. It takes hits sometimes (visible in the log). I assume if someone knows how to exploit a vulnerability they could get into my system. If it also has unneeded services shut down, and unneeded access firewalled off, they will have a tougher time. It is not that hard to do.
You are making the choice of "convince me I really need to do this" against "HELP ME, I HAVE BEEN HACKED!!!!!" right now. What do you think you should do?
Good Luck.


All times are GMT -5.