LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-29-2004, 07:47 AM   #1
Kropotkin
Member
 
Registered: Oct 2004
Location: /usr/home
Distribution: Linux Mint, FreeBSD, Android
Posts: 356

Rep: Reputation: 32
Question maximum security required


Hi all,

Owing to circumstances beyond my control, I am obliged to set up my standalone linux box to be as secure possible. I am running Fedora Core 3 test 3 and connnected to the net via ADSL. I am not running any servers.

Using Firestarter, I have disabled ALL ports for incoming traffic. Can I now be confident that my system is fully secure against intruders? Are there any other additional steps I can take short of unplugging the RJ45 cable?

Thanks and have a nice day...
 
Old 10-29-2004, 07:58 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977
A quick online test will give you a hand...
http://computercops.biz/modules.php?name=nmap but generally you should be quite secure there.
 
Old 10-29-2004, 09:10 AM   #3
qwijibow
LQ Guru
 
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672

Rep: Reputation: 47
if you are not running any servers, it will be extremely difficult for anyone to penetrate you box.

but there are extra steps you can take if you want to be paranoid..
how paranoid do you want to get ???

ohh, and what kernel are you using ?
if its 2.6.0 -> 2.6.7 you will need to upgrade.

there is a remote exploit where if you use iptbales firewall LOGGING, a hand crafted packet could case an underflow andd reboot your machine.

its not possible to use this to gain access to your machine, but if you pissed off someone on IRC, that could become annoying
 
Old 10-29-2004, 09:52 AM   #4
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
Re: maximum security required

Quote:
Originally posted by Kropotkin
Owing to circumstances beyond my control, I am obliged to set up my standalone linux box to be as secure possible.
That's easy: don't connect it to the internet.
 
Old 10-29-2004, 05:12 PM   #5
Kropotkin
Member
 
Registered: Oct 2004
Location: /usr/home
Distribution: Linux Mint, FreeBSD, Android
Posts: 356

Original Poster
Rep: Reputation: 32
Quote:
Originally posted by qwijibow
if you are not running any servers, it will be extremely difficult for anyone to penetrate you box.
Ok, how vulnerable are p2p programs, like Limewire and aMule? If I leave a couple of ports open for them is this a signficant security risk?
 
Old 10-29-2004, 05:37 PM   #6
Kropotkin
Member
 
Registered: Oct 2004
Location: /usr/home
Distribution: Linux Mint, FreeBSD, Android
Posts: 356

Original Poster
Rep: Reputation: 32
Red face

Quote:
Originally posted by TruckStuff
That's easy: don't connect it to the internet.
Thank you for belaboring the obvious. Actually, I mentioned disconnecting the RJ45 plug in my original post...
 
Old 10-30-2004, 06:23 AM   #7
Kropotkin
Member
 
Registered: Oct 2004
Location: /usr/home
Distribution: Linux Mint, FreeBSD, Android
Posts: 356

Original Poster
Rep: Reputation: 32
Question

Quote:
Originally posted by acid_kewpie
A quick online test will give you a hand...
http://computercops.biz/modules.php?name=nmap but generally you should be quite secure there.
Thanks for the pointer. I haven't been able to run this test yet (costs $) but I did run the online diagnostics Shield's UP at https://www.grc.com/x/ne.dll?bh0bkyd2

According to this test, ports 21, 23, and 80 are open on my system and ICMP Echo is enabled. However, I have explicitly closed all ports on my box and disabled ICMP Echo using Firestarter. I am networked via a wireless router connected to my ADSL connection; is it possible that these ports and ICMP Echo are open on the router ? Also, as I run the test, I would have expected to see the hits in the Firestarter Hists window, but nothing at all was displayed. Firestart is active and indicates that the firewall is enabled.

Last edited by Kropotkin; 10-30-2004 at 04:54 PM.
 
Old 10-30-2004, 05:27 PM   #8
qwijibow
LQ Guru
 
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672

Rep: Reputation: 47
oops...

Quote:
Ok, how vulnerable are p2p programs, like Limewire and aMule? If I leave a couple of ports open for them is this a signficant security risk?
these are servers.
if you close off the ports then you will be secure, but you will not be able to download as material as fast.
just like any server, IF there is a venuerability in the software, then you are not secure.

normally i hate limewire (aplollon is much better !)
but as far as security is concerned, limewire is a good choice.

most attacks on servers use some kind of buffer overflow exploit.
limewire is written in java, and java is an excellent at protecting itself from these kind of attacks.

if you want to be totally secure, you cannot use a p2p program with port forwarding anabled.

anyways.. to sum it up...
aMule is secure unless an exploit is discovered.
Limewire is very secure, BUT limewire installs spyware and adware on your system.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Maximum PArtitions Echo Kilo Linux - Software 5 02-14-2005 01:39 PM
Help required with a security issue? NuLLiFiEd Linux - Security 4 12-27-2004 09:20 AM
four partition maximum? the_padawan Linux - Newbie 4 09-16-2004 05:58 PM
fedora2 maximum firewall security = ALLOW ALL !!!??? qwijibow Linux - Security 4 05-30-2004 07:53 AM
Maximum Linux Colonel Panic General 7 07-24-2001 04:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration