Fedora Users — Re: Is my computer safe enough if I use just iptables?

Re: Is my computer safe enough if I use just iptables?

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

Subject: Re: Is my computer safe enough if I use just iptables?

From: Harry Hoffman <hhoffman@xxxxxxxxxxxxxxxx>

Date: Fri, 15 Oct 2004 09:29:58 -0400

In-reply-to: <[email protected]>

References: <[email protected]> <[email protected]>

Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922

Simply put *NO* you are not safe enough. At the very least I would run a personal proxy (such as privoxy).

A bit more paranoid... Turn off java and javascript. Prompt for all cookies and then only allow them to be session cookies.

Even more paranoid... Setup your iptables to DROP by default INPUT and OUTPUT. Log the OUTPUT attempts and decide what should be passed (That way any "funny business" is less likely to happen).

This won't make you "totally" secure but you'll be a few steps ahead of most curves.

HTH,
Harry

On Fri, 2004-10-15 at 07:32, VJ wrote:

Hi,
 I have firewall script using iptables which runs from
/etc/rc.d/rc.local. This script does nothing except allowing just http,
smtp for outer world(inbound). All type of connections are allowed from
the machine to the outerworld (outbound). I have not set anything else
like in hosts.deny/hosts.allow or sshd.conf.
 My question is, according to your knowledge, is my computer safe enough?
Till now I have not suffered from any proble, but this cannot go on
for-ever.