LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   Security - to be safe on slackware 10.2 (http://www.linuxquestions.org/questions/slackware-14/security-to-be-safe-on-slackware-10-2-a-428767/)

Hondro 03-26-2006 06:34 PM

Security - to be safe on slackware 10.2
 
Hi, i am newbie in slackware.

I want to know what security (firewall, antivirus, logging not with "root") to use, to be safe.
Slackware i am using for home PC without other computers (one PC).

Can somebody give me good advices?

win32sux 03-26-2006 09:29 PM

make sure you block all incoming connections with iptables...

get rid of any software you have installed which you don't need...

make sure you always keep your system up to date with the latest patches that patrick volkerding puts out...

use the firefox web browser, and install the noscript extension...

just my two cents...

odevans 03-26-2006 10:03 PM

Edit /etc/inetd.conf and comment out lines representing services you don't need. If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening. Restart inetd with "/etc/rc.d/rc.inetd restart"

Also, any services you're only using locally (CUPS, Sendmail, X etc. etc.) should be set up to only listen on localhost.

Project Files has a nice rc.firewall script that can be dropped into /etc/rc.d/ (and chmod +x) that blocks all incoming connections by default. It's easy to edit (very well commented). http://projectfiles.com/firewall/ (get the latest 2.0 version).

You can subscribe to the "security" mailing list over at slackware.com for notifications of any necessary updates. Security patches can be found at:

ftp://ftp.slackware.com/pub/slackwar...ches/packages/

There are some 60 updates there for 10.2 -- not all of which you'll need.

Probably a bunch of things I've missed...

win32sux 03-26-2006 10:08 PM

Quote:

Originally Posted by odevans
Edit /etc/inetd.conf and comment out lines representing services you don't need. If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening. Restart inetd with "/etc/rc.d/rc.inetd restart"

or you could also just uninstall inetd... :)

Randux 03-27-2006 11:21 AM

Quote:

Originally Posted by win32sux
or you could also just uninstall inetd... :)

Yeah, exactly. chmod -x on all the stuff you don't want to run. I love the way Pat set stuff up. It's so easy to change without even editing a file!

Alien_Hominid 03-27-2006 11:33 AM

Quote:

Originally Posted by odevans
If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening.

Auth is used for identification, for example, when you are logging to IRC server. So if you are planning to chat on IRC, don't disable it. Otherwise you will have to wait for server's response.
Sadly, don't know about time purpose.

Hondro 03-27-2006 04:39 PM

Thanks for the advices

I want more information please post more :)

hitest 03-27-2006 11:47 PM

I have my slackware box running using DHCP and have it behind a router, a NAT firewall isn't perfect, but, it provides some protection.

win32sux 03-29-2006 01:47 PM

well, another thing you could do to harden your box is to recompile your kernel using a stripped-down config (only the options you need) and also you could patch it with the grsecurity patch: http://www.grsecurity.net/

if you need a kernel compile guide here's a neat one:

http://www.digitalhermit.com/linux/K...ild-HOWTO.html

spelya 03-29-2006 07:07 PM

Thanks evrery one for those advises.

raska 03-29-2006 07:43 PM

Quote:

Originally Posted by odevans
Edit /etc/inetd.conf and comment out lines representing services you don't need. If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening...

good to know those ports are good-for-nothing .... closing ... done. Fine :D

now, why do those 2 ports come open by default if are not used?


All times are GMT -5. The time now is 03:11 PM.