Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Linux

Reply
Thread Tools

Linux

 
 
Spammicus Killius
Guest
Posts: n/a
 
      01-10-2004
Whch Linux REh Hat etc.

Is the easier to configure for security purposes (I'm new to Linux)?

What other proggies that are not supplied with the install may be
needed.?


The Linux box will connect to B-Band & the Windows to it.

Spammicus Killius:NO EMAIL REPLIES
 
Reply With Quote
 
 
 
 
Dazz
Guest
Posts: n/a
 
      01-10-2004
On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
<(E-Mail Removed)> wrote:

>Whch Linux REh Hat etc.
>
>Is the easier to configure for security purposes (I'm new to Linux)?
>
>What other proggies that are not supplied with the install may be
>needed.?
>
>
>The Linux box will connect to B-Band & the Windows to it.


Learing linux is a good idea, however, you don't really want to learn
about security on something that is internet connected, because if you
misconfigure something, then the chances are that someone other than
you will "own" that box ... and pretty quickly too.

I'd recommend learning about security on another machine if at all
possible, at least until you have developed a better knowledge of
linux.

There's quite a few security distro's based on linux out there that
might make your life a little bit easier.

Check out the following sites:

http://www.smoothwall.org - Smoothwall.
http://www.ipcop.org - IPCop (a Smoothwall derivative).

There's quite a few others out there, but Smoothwall is one of the
best.

I used to avoid recommending Smoothwall to people, but that was all
due to an abusive former company director of Smoothwall - he has since
left the Smoothwall team.

There's plenty of security how-to's out there for linux, and a google
for securing linux shows up plenty of links.

http://www.google.com.au/search?q=ho...-8&hl=en&meta=

It might also be worthwhile heading over the The Linux Documentation
Project as well - http://www.tldp.org .

Dazz

>Spammicus Killius:NO EMAIL REPLIES


 
Reply With Quote
 
 
 
 
Hairy One Kenobi
Guest
Posts: n/a
 
      01-10-2004
"Dazz" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
> <(E-Mail Removed)> wrote:
>
> >Whch Linux REh Hat etc.
> >
> >Is the easier to configure for security purposes (I'm new to Linux)?
> >
> >What other proggies that are not supplied with the install may be
> >needed.?
> >
> >
> >The Linux box will connect to B-Band & the Windows to it.

>
> Learing linux is a good idea, however, you don't really want to learn
> about security on something that is internet connected, because if you
> misconfigure something, then the chances are that someone other than
> you will "own" that box ... and pretty quickly too.
>
> I'd recommend learning about security on another machine if at all
> possible, at least until you have developed a better knowledge of
> linux.
>
> There's quite a few security distro's based on linux out there that
> might make your life a little bit easier.
>
> Check out the following sites:
>
> http://www.smoothwall.org - Smoothwall.
> http://www.ipcop.org - IPCop (a Smoothwall derivative).
>
> There's quite a few others out there, but Smoothwall is one of the
> best.


If you want more than a pure firewall (Apache etc) than I've also used
ClarkConnect - it also helped that this was (at the time) based on the
shipping version of RH Linux, rather than the much older version that
SmoothWall was using (no support for my particular NICs).

One of the safer ways to learn is to setup a box in your DMZ, and play with
that..

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!


 
Reply With Quote
 
Rowdy Yates
Guest
Posts: n/a
 
      01-10-2004
"Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
news:irZLb.472$(E-Mail Removed):

> "Dazz" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
>> <(E-Mail Removed)> wrote:
>>
>> >Whch Linux REh Hat etc.
>> >
>> >Is the easier to configure for security purposes (I'm new to Linux)?
>> >
>> >What other proggies that are not supplied with the install may be
>> >needed.?
>> >
>> >
>> >The Linux box will connect to B-Band & the Windows to it.

>>
>> Learing linux is a good idea, however, you don't really want to learn
>> about security on something that is internet connected, because if
>> you misconfigure something, then the chances are that someone other
>> than you will "own" that box ... and pretty quickly too.
>>
>> I'd recommend learning about security on another machine if at all
>> possible, at least until you have developed a better knowledge of
>> linux.
>>
>> There's quite a few security distro's based on linux out there that
>> might make your life a little bit easier.
>>
>> Check out the following sites:
>>
>> http://www.smoothwall.org - Smoothwall.
>> http://www.ipcop.org - IPCop (a Smoothwall derivative).
>>
>> There's quite a few others out there, but Smoothwall is one of the
>> best.

>
> If you want more than a pure firewall (Apache etc) than I've also used
> ClarkConnect - it also helped that this was (at the time) based on the
> shipping version of RH Linux, rather than the much older version that
> SmoothWall was using (no support for my particular NICs).
>
> One of the safer ways to learn is to setup a box in your DMZ, and play
> with that..
>


there are linux distro's that are specifically geared towards firewall
security. check out "distowatch" for a listing.

but as mentioned earlier, you want to be real good on linux if you are
going to use it as a security measure. you have to be able to know how to
go in and configure/edit config files.

--
Rowdy Yates
MCSE, Security+, Linux+
I am Against-TCPA
http://www.againsttcpa.com
 
Reply With Quote
 
Hairy One Kenobi
Guest
Posts: n/a
 
      01-11-2004
"Rowdy Yates" <(E-Mail Removed)> wrote in message
news:Xns946CBF86A5EADrowdyyatesnospamlyco@66.185.9 5.104...
> "Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
> news:irZLb.472$(E-Mail Removed):
>
> > "Dazz" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> >> On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
> >> <(E-Mail Removed)> wrote:


<snip>

> >> There's quite a few security distro's based on linux out there that
> >> might make your life a little bit easier.
> >>
> >> Check out the following sites:
> >>
> >> http://www.smoothwall.org - Smoothwall.
> >> http://www.ipcop.org - IPCop (a Smoothwall derivative).
> >>
> >> There's quite a few others out there, but Smoothwall is one of the
> >> best.

> >
> > If you want more than a pure firewall (Apache etc) than I've also used
> > ClarkConnect - it also helped that this was (at the time) based on the
> > shipping version of RH Linux, rather than the much older version that
> > SmoothWall was using (no support for my particular NICs).
> >
> > One of the safer ways to learn is to setup a box in your DMZ, and play
> > with that..
> >

>
> there are linux distro's that are specifically geared towards firewall
> security. check out "distowatch" for a listing.
>
> but as mentioned earlier, you want to be real good on linux if you are
> going to use it as a security measure. you have to be able to know how to
> go in and configure/edit config files.


Erm.. quite. Like the ones listed above (!)

TBH, neither SmoothWall of ClarkConnect requires more than a very basic
knowledge of computers to get set up. (With the possible exception of
playing guess-the-NIC with very old versions of SmoothWall).

ClarkConnect isn't a true firewall (it tries to do too much), but is (IMHO)
a good compromise for a home user who wishes to run a small website on their
connection. It gets a bit "fun" if you try and configure it to forward FTP
elsewhere, though ;o)

H1K


 
Reply With Quote
 
Rowdy Yates
Guest
Posts: n/a
 
      01-11-2004
"Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
newsi9Mb.801$(E-Mail Removed):

> "Rowdy Yates" <(E-Mail Removed)> wrote in message
> news:Xns946CBF86A5EADrowdyyatesnospamlyco@66.185.9 5.104...
>> "Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
>> news:irZLb.472$(E-Mail Removed):
>>
>> > "Dazz" <(E-Mail Removed)> wrote in message
>> > news:(E-Mail Removed)...
>> >> On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
>> >> <(E-Mail Removed)> wrote:

>
> <snip>
>
>> >> There's quite a few security distro's based on linux out there
>> >> that might make your life a little bit easier.
>> >>
>> >> Check out the following sites:
>> >>
>> >> http://www.smoothwall.org - Smoothwall.
>> >> http://www.ipcop.org - IPCop (a Smoothwall derivative).
>> >>
>> >> There's quite a few others out there, but Smoothwall is one of the
>> >> best.
>> >
>> > If you want more than a pure firewall (Apache etc) than I've also
>> > used ClarkConnect - it also helped that this was (at the time)
>> > based on the shipping version of RH Linux, rather than the much
>> > older version that SmoothWall was using (no support for my
>> > particular NICs).
>> >
>> > One of the safer ways to learn is to setup a box in your DMZ, and
>> > play with that..
>> >

>>
>> there are linux distro's that are specifically geared towards
>> firewall security. check out "distowatch" for a listing.
>>
>> but as mentioned earlier, you want to be real good on linux if you
>> are going to use it as a security measure. you have to be able to
>> know how to go in and configure/edit config files.

>
> Erm.. quite. Like the ones listed above (!)
>
> TBH, neither SmoothWall of ClarkConnect requires more than a very
> basic knowledge of computers to get set up. (With the possible
> exception of playing guess-the-NIC with very old versions of
> SmoothWall).
>
> ClarkConnect isn't a true firewall (it tries to do too much), but is
> (IMHO) a good compromise for a home user who wishes to run a small
> website on their connection. It gets a bit "fun" if you try and
> configure it to forward FTP elsewhere, though ;o)
>
> H1K
>
>
>


point taken. still, you should be pretty good w/linux - to use it as an
enterprise firewall. you want to be able to go in there and do
cusomizatons without relying on ng's & opensource community to hold your
hand every step of the way.



--
Rowdy Yates
MCSE, Security+, Linux+
I am Against-TCPA
http://www.againsttcpa.com
 
Reply With Quote
 
Hairy One Kenobi
Guest
Posts: n/a
 
      01-11-2004
"Rowdy Yates" <(E-Mail Removed)> wrote in message
news:Xns946D62157CE5Frowdyyatesnospamlyco@66.185.9 5.104...
> "Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
> newsi9Mb.801$(E-Mail Removed):
>
> > "Rowdy Yates" <(E-Mail Removed)> wrote in message
> > news:Xns946CBF86A5EADrowdyyatesnospamlyco@66.185.9 5.104...
> >> "Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
> >> news:irZLb.472$(E-Mail Removed):
> >>
> >> > "Dazz" <(E-Mail Removed)> wrote in message
> >> > news:(E-Mail Removed)...
> >> >> On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
> >> >> <(E-Mail Removed)> wrote:

> >
> > <snip>
> >
> >> >> There's quite a few security distro's based on linux out there
> >> >> that might make your life a little bit easier.
> >> >>
> >> >> Check out the following sites:
> >> >>
> >> >> http://www.smoothwall.org - Smoothwall.
> >> >> http://www.ipcop.org - IPCop (a Smoothwall derivative).
> >> >>
> >> >> There's quite a few others out there, but Smoothwall is one of the
> >> >> best.
> >> >
> >> > If you want more than a pure firewall (Apache etc) than I've also
> >> > used ClarkConnect - it also helped that this was (at the time)
> >> > based on the shipping version of RH Linux, rather than the much
> >> > older version that SmoothWall was using (no support for my
> >> > particular NICs).
> >> >
> >> > One of the safer ways to learn is to setup a box in your DMZ, and
> >> > play with that..
> >> >
> >>
> >> there are linux distro's that are specifically geared towards
> >> firewall security. check out "distowatch" for a listing.
> >>
> >> but as mentioned earlier, you want to be real good on linux if you
> >> are going to use it as a security measure. you have to be able to
> >> know how to go in and configure/edit config files.

> >
> > Erm.. quite. Like the ones listed above (!)
> >
> > TBH, neither SmoothWall of ClarkConnect requires more than a very
> > basic knowledge of computers to get set up. (With the possible
> > exception of playing guess-the-NIC with very old versions of
> > SmoothWall).
> >
> > ClarkConnect isn't a true firewall (it tries to do too much), but is
> > (IMHO) a good compromise for a home user who wishes to run a small
> > website on their connection. It gets a bit "fun" if you try and
> > configure it to forward FTP elsewhere, though ;o)


> point taken. still, you should be pretty good w/linux - to use it as an
> enterprise firewall. you want to be able to go in there and do
> cusomizatons without relying on ng's & opensource community to hold your
> hand every step of the way.


Sorry - loggerheads time ;o)

The main technical challenge I found with ClarkConnect (not necessarily
something one would use an an Enterprise firewall/server, unless we're
talking TNG's Mr. Data ;o) was inserting the CD the right way up.

Given /that/ it's not exactly difficult to install. Like most similar
distros, it either "just happens" or you get to duplicate the "ducks look
serene from above the waterline" view of life ;o)

(For those people about to claim a convert: Linux wobbles just as well as it
rocks. Ditto Windows, and any form of *nix that I've come across. Even VMS
and mainframe stuff, if one "pushes" hard enough.

As goes relative vulnerabilities - when was the last time *you* debugged a
HAL-9000? ;o)

H1K

P.S. I /did/ get the CD the right way up.. ;o)

P.P.S. Kudos to the guy/gal that remembers the AE-35 component in Linux -
came across it years back, can't remember!


 
Reply With Quote
 
Richard Steven Hack
Guest
Posts: n/a
 
      01-12-2004
On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
<(E-Mail Removed)> wrote:

>Whch Linux REh Hat etc.
>
>Is the easier to configure for security purposes (I'm new to Linux)?
>
>What other proggies that are not supplied with the install may be
>needed.?
>
>The Linux box will connect to B-Band & the Windows to it.


Any of the major distros will do - the most user-friendly ones are
Mandrake, Lycoris and Xandros - the latter two because they try to
make their desktop look like Windows a bit.

For security, look into Guarddog and Bastille Linux - the former is a
front-end to setting up the built-in Linux firewall, the latter is a
set of scripts that helps lock down Linux while informing you about
why and how it should be locked down.

Guarddog is here http://www.simonzone.com/software/guarddog/

Bastille Linux is here http://www.bastille-linux.org/


--
Richard Steven Hack
"Whatever does not kill me makes me stronger" -
and YOU have not killed me!
 
Reply With Quote
 
elsid
Guest
Posts: n/a
 
      01-12-2004

"Richard Steven Hack" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Sat, 10 Jan 2004 14:27:05 +0000, Spammicus Killius
> <(E-Mail Removed)> wrote:
>
> >Whch Linux REh Hat etc.
> >
> >Is the easier to configure for security purposes (I'm new to Linux)?
> >
> >What other proggies that are not supplied with the install may be
> >needed.?
> >

To really lock down your system see Mastiff, www.crbn.com for a free trail
that supports up to 3 systems. Give your files total protection from
hackers, terrorists, industrial spies and even government intelligence
agencies.

Ben


 
Reply With Quote
 
Richard Steven Hack
Guest
Posts: n/a
 
      01-13-2004
On Mon, 12 Jan 2004 08:24:43 -0800, "elsid" <(E-Mail Removed)> wrote:

>To really lock down your system see Mastiff, www.crbn.com for a free trail
>that supports up to 3 systems. Give your files total protection from
>hackers, terrorists, industrial spies and even government intelligence
>agencies.


Just looking at that Web site makes me suspicious. A quick Google
shows this software has been spammed all over the place but does not
appear to have reviewed by any recognized security organization. They
even have a Freshmeat page put up by the same handle used to place the
ads all over the place, one "elsid".

And nothing is going to keep the NSA out of your system if they want
in, if they have to black-bag you.

This rings like really fraudulent spam crap.

Until someone competent reviews this stuff - which claims to be able
to override even "super-user privileges" - which sounds like bullshit
to me - I wouldn't touch this thing with a ten-foot pole.


--
Richard Steven Hack
"Whatever does not kill me makes me stronger" -
and YOU have not killed me!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Is Netscape Leaving Firefox Behind on GNU/Linux? THE LINUX PROPAGANDA MACHINE CONTINUES. FIREFOX IGNORING LINUX............. traci.manicotti@gmail.com Computer Support 2 10-20-2007 02:12 PM
Linux... yeah linux.. Linux Have a nice cup of pee NZ Computing 19 04-17-2006 10:16 AM
Importing TB mail from linux in linux Nick de Graeve Firefox 0 10-04-2004 10:49 AM
Linux and vpnclient-linux-4.0.3.B-k9 install problem JSH Cisco 0 06-07-2004 03:56 AM
Linux-Cisco-ADSL-Cisco-Linux Connection hangs.... Adrian de los Santos Cisco 6 07-22-2003 04:44 AM



Advertisments