On Saturday 19 March 2005 05:03, M.Rudra wrote: >On Fri, 18 Mar 2005 23:32:32 -0600, Les Mikesell <lesmikesell@xxxxxxxxx> wrote: >> They don't need physical access, but at least network access to an >> account (login/password) on the system. If you haven't set up >> accounts for others or given out your password, no one will >> be able to cause this problem. > >Only we both have access on the Linux machine. Having heard Linux is >more secure was what prompted me to switch to it, but i guess i just >panicked on reading that article. >but a big thanks, to all of you for clearing my doubts. > >> If you have something important, back it up to removable media >> (CD/DVD/tape/USB hard drive, etc.) and keep it offline. You are >> more likely to have a hardware disk problem or make an error >> yourself that damages the files than to have a security related >> problem. Good backups will save your data either way. > >At our hospital we have a proper system with Linux servers and >backups, staff use a windows-like software custom built to our >requirements. >Its the home connection that was attacked twice online so I want to >install software to secure my home machine. > >This Iptable faq mentions that 2 ethernet cards are required to > setup a fire wall. >http://newbiedoc.sourceforge.net/networking/homegateway.html > >Is there an alternative to iptables as i dont have 2 cards nics are dirt cheap unless buying retail at circuit city. You should be able to find one for $15 US. >and how > do i get my kernel version? uname -r > if my kernel is below 2.4 version is > there any other firewall option on Fedora. ipchains, but to do it right, still needs 2 nics. The idea is that the first nic is the network interface, and with iptables, portsentry and tcpwrappers all setup, bad stuff will get droped before it can get any farther into the machine. The second nic then is the interface used by all the rest of your local network. I have that one feeding an 8 port switch so that my home network has some growing room, currently useing just 3 ports on it. However, iptables is the much prefered method as it does 'statefull filtering', meaning that if one of your machines inititates a connection to the internet, then the responses to its queries is allowed back in. But if that web site you just visited decides to attack your box 10 minutes later, it gets locked out. >i tried a command with this result " bash: modprobe: command not > found " ... actually most commands as a user give above result. >thanks for your time. >MR That sounds like your $PATH environment may not be set correctly and that modprobe does not live in the path you as a user can search. Modprobe is normally a root operation only. Try doing an 'su -' when you need root priviledges, the - sign gives you roots $PATH also. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) 99.34% setiathome rank, not too shabby for a WV hillbilly Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2005 by Maurice Eugene Heskett, all rights reserved.