LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-18-2001, 08:33 PM   #16
mikez
Member
 
Registered: May 2001
Location: New York
Distribution: Debian, Ubuntu
Posts: 83

Rep: Reputation: 15

your still vunerable to an attack of some kind. All a hacker needs is 1 open port to do something. The only way not to get your box hacked is to have any open ports. But, i know that would be no fun. By closing up all un-used ports it makes it more secure, but not totally secure. A DoS attack or some other attack could still be performed. You should go to your red hat's site and some other security related sites and look for patches or read up on how to secure your box better. In my mind, nobody is TOTALLY secure, even if they think they are, the probably aren't...
 
Old 05-18-2001, 10:09 PM   #17
nabil
Member
 
Registered: Feb 2001
Location: MI, USA
Distribution: Debian Linux 100% GNU
Posts: 210

Original Poster
Rep: Reputation: 31
Ok, I agree with everything you said, but it's got to be someway to secure mail and web with just standard os service because they are ports that have to be open to the whole world. When it come to telnet, ftp or even pop3, they can be controlled by allowing access to certain users connecting from certain sites with no problem using standard filter firewall. I don't think there is a good firewall that can filter traffic on port 80 or 25 and block hackers. This should be done by the service it self not the firewall. I doubt if big companies web sites are behinde firewalls which filter http and smtp traffic all day long...Probebaly not, maybe just monitored closley and if in an event of an attack they will restore it quickly. I my self did not lose anything du to the hack cause I had a good backup system running which allowed me to bring it back as before the attack in less than 30 minutes.
 
Old 05-19-2001, 12:19 AM   #18
mikez
Member
 
Registered: May 2001
Location: New York
Distribution: Debian, Ubuntu
Posts: 83

Rep: Reputation: 15
I think sometimes a firewall can make even more problems then you already have. It sometimes gives a hacker another program to exploit and gain access to the system. I think also think big big companies dont need firewalls to be protected. A active admin that can monitor the system is sometimes good enough. Some companies are targets of attacks because their software makes them so vunerable. It all depends on the system and what is being used, I think.
I think you can run open ports 25 and 80 with no problems if you get the lastest patches for your OS. Whatever you do, good luck.
 
Old 05-21-2001, 12:26 AM   #19
r3b00t
Member
 
Registered: May 2001
Distribution: OpenBSD 3.0-beta
Posts: 50

Rep: Reputation: 15
<edit>
oops, didn't see the second page
</edit>
 
Old 05-22-2001, 06:46 AM   #20
bako
Member
 
Registered: Sep 2000
Location: Haarlem, The Netherlands
Distribution: Freesco, RedHat, Debian
Posts: 41

Rep: Reputation: 15
Talking

any open ports are a security problem, a firewall mearly does its job in closing mosts ports (by just being the machine inbetween it also provides just another bridge to cross), but if you open up any ports you do have to keep track of the security updates and vulnarebilities of the applications (i.e. services) running behind those ports....

for instance check if you have the latest webserver running on your port 80 (with all patches installed, please also check things like perl and php if installed) and check your mailserver for vulnerabilities (patches and configuration). You might also check you mailserver at http://www.mail-abuse.org/

Good luck...
 
Old 05-22-2001, 04:11 PM   #21
Stephanie
LQ Addict
 
Registered: May 2001
Location: Arizona
Distribution: 9.2 Mandy 1.4 Gentoo 5.1 FreeBSD WinXP
Posts: 1,166

Rep: Reputation: 45
Just a small thought

Look....

Nothing is completely secure. Everytime there is a patch made for something, a cracker finds another thing to exploit. All you can do is lesson the possibilites that particular cracker has to get in.

Something to keep in mind also is that companies as a general rule seem to think they need all these services running, and that makes them quite vulnerable.

The regular Joe blows out there dont need all theese running, and are less likely to be hacked IF they close down those ports. And of course add a firewall.

Granted, a firewall can still be exploited, but again if they want in, they can eventually find a way. Just make it more difficult for them to do so.

BTW -One last thought for you to digest. Windows 2K and NT are very insecure despite their claims. There have been many news reports lately of damage to Windows based PC's and security violations, and still only a few on Linux. And if the NSA is helping to make Linux secure, obviously they feel it has better chances than M$ crap.
 
Old 05-25-2001, 12:06 AM   #22
Q25
Member
 
Registered: May 2001
Distribution: RedHat 9.1
Posts: 131

Rep: Reputation: 16
As Linux becomes more widely spread you'll see the holes start showing up..
Till lately it has been of little interest to hack Linux as not many used it. Just wait and see..
It's no better no worse than Windows.
Just look at the Bind security hole that turned up last year (if I remember correctly)..
It's not like it's the most complicated piece of software, still it's needed on a server (dns server that is ).
And then it has a flaw that leaves your server wide open.. FFS! The Lion Worm can take over your server and you won't even see what hit you till it's too late...lol
Format c:
 
Old 05-26-2001, 07:17 AM   #23
Dallam
Member
 
Registered: Apr 2001
Location: England
Distribution: SuSE 7.1
Posts: 63

Rep: Reputation: 15
Hi All,

Q25...here, go read this site and learn something about about the lion worm.

http://www.snort.org/

"As Linux becomes more widely spread you'll see the holes start showing up.. "

Maybe so, but you will also see an almost instantaneous fix for these. I can guarantee you won't hear "this is a known security issue" as from M$ and have to wait for a future upgrade and pay for it as well.

"Till lately it has been of little interest to hack Linux as not many used it. Just wait and see.. "

Hmmm. correct me if I am wrong, but linux has always been a hackers system. Hacking in my terminology being different as to what script kiddies refer to as "hacking". Linux was created by hackers.

"And then it has a flaw that leaves your server wide open.. FFS! The Lion Worm can take over your server and you won't even see what hit you till it's too late...lol
Format c: "

I don't think anyone really "Format c:" on a server do they? Usually the info in forwarded to an email addy somewhere.

Dallam
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Xwindows - Stuck At 640x480 For 2 Months :( ligerdude Linux - Newbie 8 10-11-2005 09:11 PM
RHCE - Certificate in three months? Virgiliog Linux - Certification 1 01-25-2005 12:05 PM
Can not fix x-mame since months Harp00 Linux - Games 7 06-01-2004 03:38 AM
ALSA WORKS (After 4 months of reading) Evilone Linux - Software 2 04-06-2003 05:29 AM
No printing - 2 months and counting... zeepass99 Linux - Newbie 7 07-23-2002 02:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:02 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration