“In the first part of this series, we discussed the installation
of Trustix, a secured Linux distribution, on our client’s new
firewall machine, wolf.example.com. In the second part, we detailed
setting up services on wolf to provide functionality comparable to
that of the server wolf replaced, plains.example.com. In this
third and last installment, we will discuss some of the additional
security measures we took to further protect our client’s data.
Those included firewall setup and the installation of
intrusion-detection tools, along with local security
measures.“
“After installing such services, it would be possible to get a
false sense of security about the firewall system. But all the
security software and setup in the world is worthless without
regular monitoring. It is crucial that human beings look at the
reports generated by the software and monitor security mailing
lists for new vulnerabilities.”
“A firewall is a router that refuses to route and thus prevents
outside traffic from reaching the inside. We chose to poke several
holes through the firewall to permit a few different kinds of
traffic through, but a pure firewall would allow no traffic at all.
As discussed in the previous installment, the services running on
our firewall, wolf, are Postfix, Squid, and FTPD.”