should I bother with configuring security on my linux box if...
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I most definately would rather not have to do it... (i'm one lazy sob) but is the security on those inexpensive dsl/cable routers good enough for the home?
i'm not running a business or anything of that sort but i would like some security.
What have you got to loose? (there's your answer to how important it is...)
I Have my home system behind a D-link router have left all the ports closed on the router and my ISP doesn't give me an external IP so I'm not really worried about my box at home... Of course most the stuff I want to keep I burn to CD so even if I was hacked I fdisk and start from scratch.
One thing to always keep in mind is that the various routers/modems/and even firewall appliances have vulnerabilities just like anything else. They may not occur as often, simply because they have limited applications that are exposed, but they do happen. If you want to set up a secure LAN, you should not be following the "hard outer-shell, with soft interior" model. You want something that is multi-layered, has rendundant functions to fall back on, and if you have the hardware is capable of detecting abnormalities inside the LAN. So why not use multiple firewalls, use tcp_wrappers and iptables, and remove un-needed apps (as per the good advice of stingx). That way you'll avoid a whole lot more grief if/when someone comes up with an exploit for you router.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
You're looking at it wrong. You shouldn't ask "why should I bother?" you should ask "why don't more people bother?"
Ever wonder how the Code Red worm spred? What about SQL Slammer? You would think firewalls would stop them, right? WRONG. Those worms went nuts because they used services that were allowed THROUGH the firewall. A firewall is not a panecea, it's not a solve-all solution. A firewall is just to give you a little buffer, a little *extra* protection over what you've already implemented.
Security should always work inside out. Protect your systems with widening rings. Why is this? Because over 80% of system compromises happen from insiders. An insider is anyone who was permitted access to your system at some level or another, then exploited that access to wreak havoc.
By now you're still thinking, "so what?" "So I'll just reformat if I get cracked." While your data might not be important, I'll bet you like using Google. I'll bet you don't like receiving spam, you may even use Amazon or ebay occasionally. Now it's really annoying when you can't use those sites because they're getting DDoS'd, or when you have to go through 200 e-mails in the morning because of spam.
Where am I going with this? Well where do you think DDoS's come from? Where do you think the majority of spam comes from? COMPROMISED MACHINES FROM PEOPLE LIKE YOU WHO DON'T THINK IT'S "WORTH IT" TO SECURE THEIR BOXES!!! The vast majority of computer users are exactly like you, which is why it's so easy to trojan a bunch of boxes and launch a DDoS or a massive flood of spambots.
Take it from a professional security engineer: secure your machines.
I have a home network as well with a router, i also run a firewall between my router and the cable modem. I too have nothing of any value on my network, if they crashed it, it would be more time lost if anything, but making it easier for them is not the answer. My system is not the most secure it could be, but with time and learning it will be, with security it's a constant learning curve, never set and forget, your always learning.
I set up the simple Firestarter firewall on my PC, even though it is behind a firewall. It takes hits sometimes (visable in the log). I assume if someone knows how to exploit a vulnerability they could get into my system. If it also has unneeded services shutdown, and unnneeded access firewalled off, they will have a tougher time. It is not that hard to do.
You are making the choice of "convince me I really need to do this" against "HELP ME, I HAVE BEEN HACKED!!!!!" right now. What do you think you should do?
Last edited by 2damncommon; 12-11-2003 at 09:40 PM.