-
basic post-hdinstall security
I'm new to knoppix. What do I need to do right after installing to get secure? I know most new boxes get probed quickly so I'm anxious to get my security up.
-
Administrator
Site Admin-
For a start and for a DSL user like yourself, I consider a router an absolute must. I would not connect high speed without one. Windows is more vulnerable than Linux, and Knoppix run from CD is pretty secure. But Linux attacks are getting worse, and particularly if you think installing Knoppix to hard disk is a good idea, then I would start at using a router.
A DSL/cable router will give you a good hardware firewall and your system can't be "probed" through it unless you set it up wrong, do something stupid like run an infected program, or move into the "dmz". These things are dirt cheap now; my little Linksys originally cost arround $150, I paid over $100 for it and it was still worth it (and I'm a cheap s.o.b.). Now this and other routers, many even wireless routers, are frequently sold at $10 US or less after reate and usually not much more without a rebate. You can still buy expensive routers, but they are not usually a good choice. If you don't know why you need an expensive one, don't just think it must be better because it costs more.
A router will also make your use of Knoppix much cleaner. You will not have to run PPPoE software, for example. And if you still use Windows that will be much safer (after you clean out the infections you must have by now without one).
I expect others will join in with some of the Linux security and firewall issues as well.
---
Verifying of md5 checksum and burning a CD at slow speed are important.
-
really now
Getting a router is the tip of the iceberg when it comes to security. Everyone is eventually going to have to open a port or use a service of some kind, besides there are known exploits for 2wire routers, certain linksys models, and plenty of reverse backdoors that barely give notice to the router. I would suggest doing the following things to begin.
-Edit /etc/inetd.conf and comment out any services you don't need
-Google rc.firewall
-Get a rookit hunter
-You may want to look into /etc/hosts.allow and hosts.deny if you only have certain people you want connecting
-Always use public keys for ssh
-Do not trust anyone
Anyway you can build on this but this is good for getting secure quickly.
Similar Threads
-
By anders in forum Hardware & Booting
Replies: 3
Last Post: 04-24-2005, 05:35 AM
-
By lavaman094 in forum Hdd Install / Debian / Apt
Replies: 1
Last Post: 09-01-2004, 02:09 PM
-
By hybridus in forum General Support
Replies: 2
Last Post: 03-27-2004, 10:24 PM
-
By schunn99 in forum The Lounge
Replies: 2
Last Post: 02-27-2004, 02:22 AM
-
Replies: 1
Last Post: 04-10-2003, 02:52 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Dell PowerEdge M610 Blade Server E5620@2.2GHZ (6x)8GB RAM (2x)146GB 15K SAS HDD
$75.00
DELL PowerEdge R730XD 24x 2.5" Server Dual 750W Dual Heatsink - BareBones TESTED
$299.99
Supermicro 4U 36 Bay Storage Server 2.4Ghz 8-C 128GB 1x1280W Rails TrueNAS ZFS
$721.06
H261-Z61 2U 24SFF AMD Server 8x EPYC 7551 256-Cores 256GB RAM 8x25G NIC 2x2200W
$2512.18
DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45
$275.00
Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB
$510.00
Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD
$389.99
Dell PowerEdge R720 Server - 2x8c CPU,256Gb RAM, 128Gb SSD/3x600Gb SAS, Proxmox
$340.00
Dell PowerEdge R820 Server 4x E5-4620 2.2GHz 32-Core Total 256GB 0HD 2x 1100w
$315.00
Dell PowerEdge R620 Rack Server
$71.99