Linux Gazette: Building a Secure Gateway, part II | Linux Today
Security
SHARE
Facebook X Pinterest WhatsApp

Linux Gazette: Building a Secure Gateway, part II

Written By
Web Webster
Web Webster
Jul 15, 2000

“In the last article, we installed Linux with only those
packages we absolutly needed. (If you have not read my previous
article, you should do so now, as it is the base from which this is
built on.) Now comes the detail work, turning your gateway into
fortress. The first thing to understand is there is no way to be
completely secure. There is just not enough time to do it all,
Corporations employ huge IT departments, whose sole purpose in life
is to secure their networks, and still they get cracked. Just
accept it and get on with your life. Our real goal here is to keep
honest people honest, keep the Script Kiddies out and slow the rest
down, giving you opprotunity to discover them. Ideally, this should
be done right after the clean install, before the system ever gets
put on the Internet. This article assumes you know something about
Linux, how to install it, how to edit various configuration files,
and that you can log in as root.”

“I also assume you are setting up a firewall system and have no
intention of running DNS, DHCP, web, ftp or telnet server. If you
intend to run any of these services, I recommend setting up
seperate machines. Setup a DMZ on your network, a system which is
secured but allows connections from system outside your network.
This way if an intruder does penetrate your server, he will have to
start all over to penetrate your firewall system and you will
hopefully discovered his breakin before he is able to get access to
your internal network.”

“In the world of Computer Security, Knowledge is Power. Frankly
the Security Experts are always one step behind the Crackers, most
security issues are not discovered by the Experts, but by the
Crackers and are plugged only after they have been exploited.
You need to keep up to date on new problems, at the very least
you should be updating the packages as they come out. Type
“rpm -qa > packages.txt”, this gives you a list of the packages
and version numbers installed on your system, then go to Redhat’s
web site and download the updated packages. While you are there you
should read the security advisories and implement any changes they
suggest. If you are really proactive, subscribe to both the BugTraq
and CERT mailing lists.”

Complete
Story
Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

facebook
linkedin
x

Company

Contact us

Categories

News IT Management Infrastructure Developer Security High Performance Storage Blog

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information