[lug] Static IP address

D. Stimits stimits at idcomm.com
Wed Sep 19 15:10:36 MDT 2001


David wrote:
> 
> I am in the process of obtaining a static ip address so that someone
> else can let me through his firewall.  The questions are: what are the
> dangers & advantages of a static address; is there anything I should
> or can do to make my machine more-secure/less-insecure, whichever it
> is.  Currently I am KRUD/Redhat 7.0 with a standard firewall, dialup,
> ppp.
> 
> dajo
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

firewall, firewall, firewall. Did I mention to firewall? Go to
ftp://updates.redhat.com, use rpm -Fvh on packages needing update (don't
do that with the kernel though until you know you need the kernel, it's
the other packages I'd worry about).

Make sure all of your DNS ports accept connections only from known
addresses that require this. Quite likely the supplier of your IP will
provide DNS to the rest of the world, find out, and if so, open it up
only to your known DNS primary/secondary/tertiary sources. Be sure to
block by default, and open up only as specifically needed. On top of
that, firewall the "not well known" ports above 1024 in specific cases,
like 6000:6010 for X11, except in special cases. So on.

D. Stimits, stimits at idcomm.com



More information about the LUG mailing list