LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Mandriva (https://www.linuxquestions.org/questions/mandriva-30/)
-   -   ping and IP addresses (https://www.linuxquestions.org/questions/mandriva-30/ping-and-ip-addresses-194069/)

BACTRATE 06-16-2004 03:29 AM
ping and IP addresses
 
I have read that to test my machine security I should use ping from a remote computer.But how do I find the ip adddress of my own machine to enable me to do this.
Thanks in advance for any help.


Dave

jschiwal 06-16-2004 04:01 AM
Pinging will check for connectivity if you computer responds to pings, but it has little to do with security.
Check whether you need the services that are running. Be sure to set up the firewall in the MCC->security section. Make a habit of installing security updates. Don't run programs that are unsecure, like telnet.
There is a lot more that needs to be done to secure your machine, and it's still no guarantee, no matter which operating system you use.

RockmanExe 06-16-2004 10:09 AM
use 'ifconfig' from command line. Assuming you only have one ethernet card, it should be:

ifconfig eth0

Hope this helps

jschiwal 06-16-2004 06:49 PM
The chkconfig command will also provide information on which ports are open. There are tools you could use at another computer to look at your linux box. The best way to use them may be from the webmin program.

* Be sure to select good passwords.
* Check for setuid and setgid programs. Are they needed.
* Eliminate unused services.
* Limit the size of core dumps ( Done by default on Mandrake )
* Learn how encryption & authentication works so you don't install
tainted software. Hackers are now trying to compromise CVS open source repositories.
* use the msec program to warn you of bad permission setting on directories or files
and whether a program has been altered in the past 24 hours.
* Servers should be set up to run in a jail (see chroot HowTo) if possible.
* Some programs like 'mail' have escape to shell charactors which must be plugged by setting
the proper shell environment values. If it is a setuid root program, this would be very bad.
* If you have a number of computers on your network that use a gateway
computer, running 'snort' on the firewall will warn you on many kinds of
attacks.
* Monitor the security section of this website, and others.
* Don't use protocols that are found to be unsecure. The ssh2 protocol is more secure than
the ssh1 protocol. Cracking ssh1 is still very difficult, but easier than ssh2. By default, if the
calling host doesn't support ssh2, ssh1 is used as a fallback unless you set it up to only use
ssh2. The international banking network ( in the 80's before ssh ) was cracked because the
security system would fall back to an unsecure system if it couldn't make a connection. The
hackers cracked it by a denial of service attack causing the backs to use a protocol that they
knew how to hack.

There isn't one simple thing to check for and the target keeps moving. I read a book on firewalls. The author worked for a security firm, and was able to demonstrate that it was possible to read the traffic of a wireless office network from a distance of 20 miles.

A linux box used as a dedicated gateway computer for instance has
extremely little installed on it.

I hope I haven't scared you too much. Too often I will read messages from complacent users saying to install the firewall and you are completely safe.


All times are GMT -5. The time now is 09:17 PM.