[lug] security

[winrip]

>
>
> Check out http://www.linuxdoc.org/HOWTO/Security-HOWTO.html and
> http://www.tummy.com/isinglass/.  Then if you have questions post them to
> the list.  Kevin Fenzi and the people at tummy.com are members of this
> list.
>
> - Wayde
>   (wallen at boulder.nist.gov)

http://packetstorm.securify.com/papers/unix/Secure.Linux.for.Newbies.v1.1.txt
http://packetstorm.securify.com/papers/unix/unixsec.txt

Please excuse the lanuage in these papers I did not write them only read
'em....

You may also want to look at say portsentry. I've had to take the sentry level
back down to basic because it kept blocking my windows machines from telnetting
and things of that nature. The advanced methods are very good, two hours after
compiling, it had already blocked the intruder from his favorite ports, and
allowed me some time to use tcp wrappers to block the two ip's he was using. I
say two because the ip's were the same except for the last octet which was one
number off from the other. Lastly, a good ipchains rule set could help you
also.

My last objective in securing my network, atleast this is the plan,  is to move
services from well known ports up and use ipchains to forward traffic from the
well known ports through to another machine that will do much logging and
hopefully keep harmfull traffic from the rest of my machines by not allowing
connections from that machine anywhere on the network.  Do you guys think it'll
work?

Just one of my hair brained experiments......

Bill.