need a volunteer

Frank J. Carmickle frankiec at braille.uwo.ca
Sat Oct 28 02:23:35 EDT 2000 

Ok Brian.
How secure do you want this machine that lives on the wonderfully unsecure
network of athome?  I would imagine that you want something that's a
little tighter then what you have right now.  When I portscan you I see 21
23 24 80 110 and 113.  Looks everything else is closed up.  My
recommendation to you is to get ssh on your box and forget about telnet
and ftp for starters.  Why you have pop3 waiting for connections is
something else I would think you would want shut down.  If you really need
http keep it.  However if you have another machine that you can
specifically set up as a firewall you will be a lot happier to know that
all of the trafic to your http server can be logged.  Same goes for
everything else.  

One thing that you really also want to have happening is some ipchains
rules setup so that your machine doesn't respond to portscans or ping
requests.  This should fool most people looking around to find someone
valnerable.  I'll post a ipchain rule set that has a lot of this done for
you already.  Then Kerry can go over it with a fine tooth comb and tell me
what's wrong with it.

HTH
FC


On Fri, 27 Oct 2000, brian Moore wrote:

> Greetings all.  okay finally got my linux box up and all my services
> running the way I want.  my mail server is finally doing what I want.  I
> think i have all my ipchains rules setup right and pluged all the security
> holes I know of.  the one I'm not clear on is my port 25 security.  if this
> machine ever becomes a spam host, I will have to shoot myself so I want to
> make real sure that no one except those in my local network can use it.
> probably asking for trouble but got all my logging on verbose to see what
> happens.  can someone try and use my smtp server and see if you can.  if
> you notice anything else, let me know as well.
> 
> would really apreciate it.
> 
> host is bmoore.yi.org
> thanks.  brian.
> 
> 
> 
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>

More information about the Speakup mailing list