Newbie Seeking Advise on How to Secure Slackware

http:// · 04-05-2008, 09:12 PM

Hello,

I guess the title basically says it all.

Right now, I really dont have anything securing my computer. I could connect to it using Putty easily, I dont have a firewall, I really dont have anything protecting me.

I tried nmap-ing myself and I have a couple of ports left always open. I even have one running a program I know nothing about (port37 time)

I've read a couple of posts here, but I really dont have a clue on what they were talking about

I tried reading from other forums (linux) but Im not sure if they are applicable to slackware or how they can be applied to slackware. I downloaded Firestarter but I dont know how to install it.

Could anyone please share some good links in securing slackware.

Well, I guess I embarrassed myself enough for today.

Thank you for your time.

Humbled

mikel

P.S. Please dont advise me to change to another distro or keep off linux completely

I ask pardon for taking up your time with my ignorance...

Humbly,

mikel

hitest · 04-05-2008, 09:35 PM

I run a NAT router, it is a pretty-good firewall solution. You could install Eric's firewall scripts:

http://www.slackware.com/%7Ealien/efg/

Also it is a good idea to patch your unit with the latest security updates. You can find the patches at the main slackware site.

samwise17 · 04-06-2008, 12:07 AM

Try the chapter on security (chapter 14) in the Slackbook, which explains how to disable internet daemon services like time.

The most common firewall program in linux is called iptables, programs like Firestarter are gui frontends for it. I liked Guarddog, which has a slackbuild script here.

http:// · 04-06-2008, 10:32 AM

Thanks for the tips! Will be doing a lot of reading before asking silly questions...

Humbly

mikel

hitest · 04-06-2008, 10:44 AM

Quote:

Originally Posted by http://

Thanks for the tips! Will be doing a lot of reading before asking silly questions...

Humbly

mikel

You are very welcome:-) Your question isn't silly, it is a good one.
We are here to help:-)

phantom_cyph · 04-06-2008, 10:27 PM

This may come up later...

I'm having the annoying problem of pidgin not being able to log on to my accounts. They are enabled in guarddog, as well as http, and https. I made protocols for the paging ports for both aim and yahoo, but I still cannot log on.

Anyone have an idea as to why this is happening?

samwise17 · 04-06-2008, 11:26 PM

Sanity check: did you also enable DNS (domain name resolution)? When it says it blocks everything by default, it means it.

phantom_cyph · 04-07-2008, 06:04 AM

Yes, DNS is allowed.

adriv · 04-07-2008, 07:12 AM

Do you have Seamonkey installed?

hitest · 04-07-2008, 08:21 AM

I know this is rather obvious. But, you should never run your unit as root user. Create a user for day-to-day use.

phantom_cyph · 04-07-2008, 03:30 PM

Quote:

Originally Posted by hitest

I know this is rather obvious. But, you should never run your unit as root user. Create a user for day-to-day use.

Duh. What in my post gave you the impression I was? You have to give the root password to start guarddog.

hitest · 04-07-2008, 09:48 PM

Quote:

Originally Posted by phantom_cyph

Duh. What in my post gave you the impression I was? You have to give the root password to start guarddog.

Uh.....my post was not directed at you.....chill. The post was meant for the OP...okay?