Security Portal: How Do I Tighten Security on My System?Jul 31, 2000, 08:54 (0 Talkback[s])
(Other stories by Jay Beale)
"In my last article, "Why do I have to harden?", I discussed how security exploits develop and why you must do more than just patch. Here, I explain what that "do more" bit means. "Hardening" a system is the practice of making that system much harder to crack. I like to think that this involves steps not only to prevent break-ins, but also to detect them when they happen...."
"A standard firewall simply blocks TCP/UDP/ICMP packets according to rules you specify. Usually, you use these to restrict incoming traffic to certain programs/services. For example, you should block incoming NFS/Samba requests from the Internet, as these file-sharing protocols are only designed for local area network use. In addition, you might block off the Windows file-sharing ports, TCP/UDP 137-139, to block the increasingly popular macro-virus Trojaning method. Kurt Seifried's Linux Administrator's Security Guide has excellent information on firewalling particular applications...."
"Patching is massively important! A machine running a year-old Operating System version is usually rather vulnerable. Patching doesn't take much time and is, hands down, one of the most effective steps you can take towards thwarting crackers. It's really important to keep up with this, by the way - as I showed in my last article, your window of vulnerability is pretty long, even without procrastinating on patches."