| 1 |
On 09/05/2009 12:56 PM, Dale wrote: |
| 2 |
> Hi, |
| 3 |
> |
| 4 |
> As some may know already, I recently got DSL. It's not a super fast |
| 5 |
> connection by broadband standards but it does mean that my box may be |
| 6 |
> easier to find for a hacker. So, I have a few questions about |
| 7 |
> security. I think I am OK but want to make sure. |
| 8 |
> |
| 9 |
> 1: I have a good root password. It's not something someone would guess |
| 10 |
> for sure. Nothing related to my history, birthdays or anything. It is |
| 11 |
> still fairly easy for me to type tho. |
| 12 |
|
| 13 |
That's always a good idea. But if you have SSH disabled, then it |
| 14 |
doesn't really matter. And with SSH enabled, root login is disabled by |
| 15 |
default, so... |
| 16 |
|
| 17 |
|
| 18 |
> 2: I went to this link: https://www.grc.com/x/ne.dll?bh0bkyd2 |
| 19 |
> According to that site my ports are in "stealth" mode which is good from |
| 20 |
> what I understand. |
| 21 |
|
| 22 |
"Stealth" ports give problems with p2p and file transfers (MSN and the |
| 23 |
like). A stealthed port means you can't be reached. Even if you want |
| 24 |
to be reached. If you encounter problems, for example no one can send |
| 25 |
you a file from IRC/MSN/etc you know what to blame. |
| 26 |
|
| 27 |
Also, even with "stealthed" ports, it's still possible to find you. |
| 28 |
When someone pings your machine, and you never reply, and nothing else |
| 29 |
replies, it means you're there :) That because if you're really not |
| 30 |
there, your ISP will reply to the pinger with "that IP is not there." |
| 31 |
If that doesn't happen, the pinger knows you're there and hiding behind |
| 32 |
your finger :) |
| 33 |
|
| 34 |
But some ISPs don't send that "no there" reply to the pinger, so in |
| 35 |
those cases, "stealth" ports might make sense. |
| 36 |
|
| 37 |
|
| 38 |
> 3: I have no servers running here. No Apache, MySql, or any of that. |
| 39 |
> I also have turned off/stopped ssh since I have only one box at the |
| 40 |
> moment. |
| 41 |
|
| 42 |
Then "stealth" ports are a bit useless since nothing is listening on |
| 43 |
those ports anyway. |
| 44 |
|
| 45 |
|
| 46 |
> The DSL modem I am using is the Motorola 2210. It seems to be a gateway |
| 47 |
> thing. I have no router at the moment but if I build a new rig I will |
| 48 |
> be getting one then. Most likely a Linksys or something. I'll post |
| 49 |
> here before getting one anyway. ;-) |
| 50 |
|
| 51 |
I think the Motorola *is* a router. That means you can just buy a cheap |
| 52 |
ethernet switch, connect it to the 2210 and then connect the machines to |
| 53 |
the switch and the 2210 will route everything just fine. |
Archives