have you considered using a hardware router/firewall (i.e. 3com, linksys)?
The Netscreen has a (relatively) lowcost (appox. $400) router/firewall that
is VERY rich in features (bandwidth management, content filtering). It can
even respond to two public IPs.
----- Original Message -----
From: <JVergara@equinox.com>
To: <slug@nks.net>
Sent: Friday, January 11, 2002 10:51 AM
Subject: [SLUG] Detailed question about securing an small business Linux
Server
>
> I have a question for the security gurus out there about setting up
> security measures (using Ipchains or other methods) to close ports
> against eventual break ins.
>
> I am using a Linux RH 7.2 with two network cards - eth0 connects to
> the internal network (192.162.0.) and the eth1 is connected via pppoe
> to the Internet using ADSL. (so the IP address changes every time you
> restart pppoe).
>
> I am using the Linux server as internal pop server, smtp server
> (using qmail) , samba server and ssh server.
>
> When I run nmap -v in each interface, I get that the POP3 (110), smtp
> (25), ssh(22), smb, sunrpc(111) are open in both interfaces.
>
> How do I do it to close the ports POP3 and samba only for the external
> interface (eth1 or ppp0 ?) or to deny incoming connections from the
> internet?
> Should I close the smtp port for the external interface too?
>
> What do you need the sunrpc (111) port open for?
>
> Do you know of a good tutorial to understand ipchain rules better?
> RH 7.2 sets some rules to secure your server but I don't know if they
> are good enough.
>
> Thanks ,
>
> Juan Vergara
>
>
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:41:53 EDT