Jeff Vian wrote:
On Mon, 2005-10-03 at 11:41 +1000, Ian wrote:
Scot L. Harris wrote:
On Sat, 2005-10-01 at 18:53, Ian Harris wrote:
On Sat, 1 Oct 2005 01:46 pm, Scot L. Harris wrote:
snip
Excellent advice. I don't have any servers or a network though, my PC is
just a home PC connected directly to the net.
At one stage I had a home network set up with Smoothwall on a dedicated
PC, which had snort enabled. I used to check the logs occasionally, and
I was always gobsmacked at how many attempts to hack the box were
recorded. Hundreds a day sometimes.
Cheers, Ian
I beg to differ with you.
Your home PC attached to the net IS on a network and IS a server. The
complete list of services you have enabled is optional but by default
some are (assuming Linux of course), and thus tools for protection are
needed. I get attacks on httpd and on sshd (the only ports I allow
remote connection to) regularly in a similar scenario.
Different types and styles of networking have differing requirements but
even a single home PC needs some form of protection (unless it is
stand-alone and never connects to ANY network - a rarity indeed
nowdays).
Couldn't agree more. I used Norton for years on Windoze, and use
Zonealarm now. Wouldn't consider connecting to the net without them.
When I installed FC4 I ensured no services where set up (http, ftp, etc)
because I couldn't think of a reason for letting other people on the net
connect to my PC without me connecting to them first. So, in terms of my
rather meagre understanding, I'm not serving anything to anybody on the
net. I'm still vulnerable to port scans and other hacker activity of
course, and this is all I'm trying to protect myself against. Since I
don't *really* understand selinux, iptables, firestarter et al (haven't
RTFMed yet) I'm just hoping the default settings as set up by the FC4
install are adequate for my purposes. So far no problems <touch wood>.
Cheers, Ian
