Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
03-26-2006, 06:34 PM
|
#1
|
Member
Registered: Mar 2006
Location: Lithuania
Distribution: Slackware-12.2
Posts: 102
Rep:
|
Security - to be safe on slackware 10.2
Hi, i am newbie in slackware.
I want to know what security (firewall, antivirus, logging not with "root") to use, to be safe.
Slackware i am using for home PC without other computers (one PC).
Can somebody give me good advices?
|
|
|
03-26-2006, 09:29 PM
|
#2
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
make sure you block all incoming connections with iptables...
get rid of any software you have installed which you don't need...
make sure you always keep your system up to date with the latest patches that patrick volkerding puts out...
use the firefox web browser, and install the noscript extension...
just my two cents...
Last edited by win32sux; 03-26-2006 at 09:32 PM.
|
|
|
03-26-2006, 10:03 PM
|
#3
|
Member
Registered: Nov 2005
Location: Columbus, OH, USA
Distribution: Slackware
Posts: 246
Rep:
|
Edit /etc/inetd.conf and comment out lines representing services you don't need. If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening. Restart inetd with "/etc/rc.d/rc.inetd restart"
Also, any services you're only using locally (CUPS, Sendmail, X etc. etc.) should be set up to only listen on localhost.
Project Files has a nice rc.firewall script that can be dropped into /etc/rc.d/ (and chmod +x) that blocks all incoming connections by default. It's easy to edit (very well commented). http://projectfiles.com/firewall/ (get the latest 2.0 version).
You can subscribe to the "security" mailing list over at slackware.com for notifications of any necessary updates. Security patches can be found at:
ftp://ftp.slackware.com/pub/slackwar...ches/packages/
There are some 60 updates there for 10.2 -- not all of which you'll need.
Probably a bunch of things I've missed...
|
|
|
03-26-2006, 10:08 PM
|
#4
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by odevans
Edit /etc/inetd.conf and comment out lines representing services you don't need. If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening. Restart inetd with "/etc/rc.d/rc.inetd restart"
|
or you could also just uninstall inetd...
|
|
|
03-27-2006, 11:21 AM
|
#5
|
Senior Member
Registered: Feb 2006
Location: Siberia
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705
Rep:
|
Quote:
Originally Posted by win32sux
or you could also just uninstall inetd...
|
Yeah, exactly. chmod -x on all the stuff you don't want to run. I love the way Pat set stuff up. It's so easy to change without even editing a file!
|
|
|
03-27-2006, 11:33 AM
|
#6
|
Senior Member
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247
Rep:
|
Quote:
Originally Posted by odevans
If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening.
|
Auth is used for identification, for example, when you are logging to IRC server. So if you are planning to chat on IRC, don't disable it. Otherwise you will have to wait for server's response.
Sadly, don't know about time purpose.
|
|
|
03-27-2006, 04:39 PM
|
#7
|
Member
Registered: Mar 2006
Location: Lithuania
Distribution: Slackware-12.2
Posts: 102
Original Poster
Rep:
|
Thanks for the advices
I want more information please post more
Last edited by Hondro; 03-27-2006 at 04:47 PM.
|
|
|
03-27-2006, 11:47 PM
|
#8
|
Guru
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,432
|
I have my slackware box running using DHCP and have it behind a router, a NAT firewall isn't perfect, but, it provides some protection.
|
|
|
03-29-2006, 01:47 PM
|
#9
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
well, another thing you could do to harden your box is to recompile your kernel using a stripped-down config (only the options you need) and also you could patch it with the grsecurity patch: http://www.grsecurity.net/
if you need a kernel compile guide here's a neat one:
http://www.digitalhermit.com/linux/K...ild-HOWTO.html
|
|
|
03-29-2006, 07:07 PM
|
#10
|
LQ Newbie
Registered: Mar 2006
Distribution: Slackware 10.2 / Linux 2.4.
Posts: 4
Rep:
|
Thanks evrery one for those advises.
|
|
|
03-29-2006, 07:43 PM
|
#11
|
Member
Registered: Aug 2004
Location: Aguascalientes, AGS. Mexico.
Distribution: Slackware 13.0 kernel 2.6.29.6
Posts: 816
Rep:
|
Quote:
Originally Posted by odevans
Edit /etc/inetd.conf and comment out lines representing services you don't need. If I remember right (a long-shot, granted), ports 37 (time) and 113 (auth) are unnecessarily listening...
|
good to know those ports are good-for-nothing .... closing ... done. Fine
now, why do those 2 ports come open by default if are not used?
|
|
|
All times are GMT -5. The time now is 04:01 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|