LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-26-2001, 12:42 AM   #1
tyler_durden
Member
 
Registered: May 2001
Posts: 125

Rep: Reputation: 15

i am currently running a network off of a cable modem. right now i use and old p200 system running win2k for ip masquerading. i plan to convert this to a linux ip masquare shortly.
inside i have a linux box that i use for file sharing (samba, with no passwords on anything) and all my roomates computers. After i switch my NAT machine to linux, how safe is my linux box inside the network? Is it that hard to hack a well configured NAT machine? How would i ever know if either of the linux boxes were hacked?
thanx for the help

PS. i am new to the forum and find it EXTREMELY usefull. You guys (and gals) rock.
 
Old 05-26-2001, 07:53 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
Quote:
After i switch my NAT machine to linux, how safe is my linux box inside the network?
As safe as uve configured ure box for general use.
In regard to NAT, as safe as ure fw rules.
Ppl from the outside cant connect to NATted boxes on their own. OTOH, u can initiate the connection from behind the NAT, it then is an allowed connection, and so would be anything sent over that connection. Another issue is with portforwarding. It allows ppl to connect tru the NAT box transparently to a service running one a box behind the NAT.

Quote:
Is it that hard to hack a well configured NAT machine?
If its well configured there wouldnt be any vulnerable services running on the NAT box itself.

Quote:
How would i ever know if either of the linux boxes were hacked?
Read www.cert.org/tech_tips/intruder_detection_checklist.html Its still valid.
Have (and use) some of the following: an integrity checker like Tripwire or Aide. A rootkit scanner like chrootkit. Some alerting/defense cap like and Portsentry, Snort or Ippl, Scandetd. It might seem overkill to use any of these on ure box, but in the end itll save u time from checking manually, theyll only alert (if configured well) if theres really smptin wrong.
 
Old 05-26-2001, 09:37 PM   #3
abyss
Member
 
Registered: May 2001
Location: New York, USA
Distribution: AIX, Ubuntu
Posts: 113

Rep: Reputation: 16
Exclamation

tyler:

Some very general words of caution. I'm not sure how familiar you are with Linux, so forgive me if I'm reminding you of things you already know.

Most Linux distros have many services load by default at boot time, leaving you with lots of open ports and vulnerabilities. I suppose that they assume that you'll be using it as a server and want to make things easy on you or something. Close all ports that you do not need open by shutting down the services that are using them.

To see what ports you have open you issue the netstat -a (or -l) command (which also works in w2k, btw) to see what ports are listening. Every open port is a vulnerability. Close as many as possible.
 
Old 05-30-2001, 05:36 AM   #4
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
Just relying on NAT as a firewall is not secure at all.
Due to the system bridging two networks with address translation means it's rewrapping the tcp packets and has to trust certain packet sources.

So unless you add some extra security, hackers can change packets to spoof your NATwall into thinking it's come from the internal address or a trusted source.

Get a firewall up.
NAT with a firewall is secure.

/Raz
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
check the security hole ust Linux - Security 6 09-10-2004 06:42 PM
What security files do I check and.. BajaNick Linux - Security 1 07-07-2004 04:41 AM
Security Check on my computer - 4 am? vi0lat0r Linux - Security 2 04-08-2004 03:29 AM
Boot disk; check. CD in drive; check. Doesn't work; check. Hal DamnSmallLinux 7 02-04-2004 03:10 AM
how to check security settings? samkupar Debian 2 01-11-2004 07:34 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration