[oclug] Security Software
David F. Skoll
dfs at roaringpenguin.com
Wed Jan 31 10:51:25 EST 2001
> When you tighten down the security on your machine, what do you do?
> - which software do you use
Linux ipchains, snort (http://www.snort.org) for intrusion detection,
and swatch (check www.freshmeat.net) for logfile monitoring.
> - which ports do you allow
None at all. Unless you really need to run services, close all
privileged ports (ports < 1024). If you run X, close TCP ports
6000-6063. If you run NFS, close TCP and UDP 2049.
Also, don't even run telnetd, inetd, the portmapper, etc. unless you need
More information about the OCLUG