:Security Portal: How Do I Tighten Security on My System?
Security Portal: How Do I Tighten Security on My System? Jul 31, 2000, 08 :54 UTC (0 Talkback[s]) (3237 reads) (Other stories by Jay Beale)
"In my last article, "Why do I have to
harden?", I discussed how security exploits develop and why
you must do more than just patch. Here, I explain what that
"do more" bit means. "Hardening" a system is the practice of
making that system much harder to crack. I like to think that
this involves steps not only to prevent break-ins, but also to
detect them when they happen...."
"A standard firewall simply blocks TCP/UDP/ICMP packets according to rules you specify. Usually,
you use these to restrict incoming traffic to certain programs/services. For example, you should
block incoming NFS/Samba requests from the Internet, as these file-sharing protocols are only
designed for local area network use. In addition, you might block off the Windows file-sharing ports,
TCP/UDP 137-139, to block the increasingly popular macro-virus Trojaning method. Kurt Seifried's
Linux Administrator's Security Guide has excellent information on firewalling particular applications...."
"Patching is massively important! A machine running a year-old Operating System version is usually
rather vulnerable. Patching doesn't take much time and is, hands down, one of the most effective
steps you can take towards thwarting crackers. It's really important to keep up with this, by the way
- as I showed in my last article, your window of vulnerability is pretty long, even without
procrastinating on patches."
