Hi all,

Owing to circumstances beyond my control, I am obliged to set up my standalone linux box to be as secure possible. I am running Fedora Core 3 test 3 and connnected to the net via ADSL. I am not running any servers.

Using Firestarter, I have disabled ALL ports for incoming traffic. Can I now be confident that my system is fully secure against intruders? Are there any other additional steps I can take short of unplugging the RJ45 cable?

Thanks and have a nice day...

A quick online test will give you a hand...
http://computercops.biz/modules.php?name=nmap but generally you should be quite secure there.

if you are not running any servers, it will be extremely difficult for anyone to penetrate you box.

but there are extra steps you can take if you want to be paranoid..
how paranoid do you want to get ???

ohh, and what kernel are you using ?
if its 2.6.0 -> 2.6.7 you will need to upgrade.

there is a remote exploit where if you use iptbales firewall LOGGING, a hand crafted packet could case an underflow andd reboot your machine.

its not possible to use this to gain access to your machine, but if you pissed off someone on IRC, that could become annoying

That's easy: don't connect it to the internet.

Ok, how vulnerable are p2p programs, like Limewire and aMule? If I leave a couple of ports open for them is this a signficant security risk?

Thank you for belaboring the obvious. Actually, I mentioned disconnecting the RJ45 plug in my original post...

Thanks for the pointer. I haven't been able to run this test yet (costs $) but I did run the online diagnostics Shield's UP at https://www.grc.com/x/ne.dll?bh0bkyd2

According to this test, ports 21, 23, and 80 are open on my system and ICMP Echo is enabled. However, I have explicitly closed all ports on my box and disabled ICMP Echo using Firestarter. I am networked via a wireless router connected to my ADSL connection; is it possible that these ports and ICMP Echo are open on the router ? Also, as I run the test, I would have expected to see the hits in the Firestarter Hists window, but nothing at all was displayed. Firestart is active and indicates that the firewall is enabled.

oops...

these are servers.
if you close off the ports then you will be secure, but you will not be able to download as material as fast.
just like any server, IF there is a venuerability in the software, then you are not secure.

normally i hate limewire (aplollon is much better !)
but as far as security is concerned, limewire is a good choice.

most attacks on servers use some kind of buffer overflow exploit.
limewire is written in java, and java is an excellent at protecting itself from these kind of attacks.

if you want to be totally secure, you cannot use a p2p program with port forwarding anabled.

anyways.. to sum it up...
aMule is secure unless an exploit is discovered.
Limewire is very secure, BUT limewire installs spyware and adware on your system.