LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-30-2003, 02:15 AM   #1
Harimwakairi
LQ Newbie
 
Registered: May 2003
Posts: 15

Rep: Reputation: 0
New to Linux - How worried should I be?


I finished a new install of Redhat 9.0 on my spare computer. I'm going to be using it as an email and web server for my little personal domain. I have it on my cable modem behind a Linksys router. The ports I've got open and forwarded to the Linux box are ftp, http, smtp, and ssh. Everything else is closed off. I've got Redhat's little updater going, and I'm current with everything they have.

At this point, do I need to worry about security all that much? Can I rely on Redhat's up2date to keep me exploit free, keep just those four ports open and be good to go? Or do I need to get a security book and subscribe to bugtraq before some thirteen-year-old 0wns me?
 
Old 06-30-2003, 03:05 AM   #2
sepski
LQ Newbie
 
Registered: Jun 2003
Location: norway
Distribution: rh 6.x, rh7.x, rh8, rh9, leaf, mandrake 9.1
Posts: 4

Rep: Reputation: 0
keeping current with updates are very important.

but a bugfree system won't help if you have weak passwords.
so keep strong passwords on all users of the system, and very strong password for root.

http://www.gnu.org/directory/Securit...on/pwdgen.html
this is a nice tool for making passwords.

or you can just drop you'r cat on the keyboard.
 
Old 06-30-2003, 10:10 PM   #3
Harimwakairi
LQ Newbie
 
Registered: May 2003
Posts: 15

Original Poster
Rep: Reputation: 0
Thanks for the info. I was thinking of getting a cat anyway...
 
Old 07-02-2003, 07:31 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595Reputation: 3595
Choosing "good" passwds and updating is ok, but it's not everything.
Please start at the LQ FAQ: Security references, post #1 under "Checklists".
 
Old 07-02-2003, 07:48 AM   #5
Noryungi
Member
 
Registered: Jul 2003
Location: --> X <-- You are here.
Distribution: Slackware, OpenBSD
Posts: 305

Rep: Reputation: 53
Unless you really badly need to have a server on this machine, I would recommend closing down everything except SSH.

ftp is a BAD idea, in any case, since most ftp daemons are easy targets for crackers.

Relying on Red Hat for security is a bad idea, since they are the most common ditro -- and, therefore, the most hacked. Try enabling the VPN functions on your Linksys to restrict login to the server to a bunch of pre-programmed (external) IP addresses.

There is a good tutorial on SSH and how it can replace most everything at the following address:

http://www.linuxjournal.com/article....thread&order=0

And do get a good security book before you get hacked. Please.
 
Old 07-22-2003, 05:13 PM   #6
je_fro
Member
 
Registered: Nov 2002
Location: /texas/austin/home/desk
Distribution: Gentoo
Posts: 341

Rep: Reputation: 30
Forget redhat default security

Learn iptables and secure your box.

http://www.thing.dyndns.org/debian/iptables.htm

http://www.ibiblio.org/pub/Linux/doc...ade-HOWTO.html

http://iptables.linux.dk/
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Should i be worried? teqno Linux - Hardware 2 09-17-2005 03:47 AM
got new wireless internet, worried about linux installation cyanide_2 SUSE / openSUSE 0 01-24-2005 11:50 PM
I'm worried .... lesleyb SUSE / openSUSE 7 10-24-2004 04:43 AM
Should I be worried?? 3inone Linux - Security 1 08-20-2003 05:23 PM
Everything is installing.. still worried... Chijtska Linux From Scratch 1 02-12-2002 04:05 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration