Gentoo Archives: gentoo-user

From: Grant <emailgrant@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Hardening a laptop for travel
Date: Mon, 10 Dec 2007 16:55:49
Message-Id: 49bf44f10712100850lc35be49i9aae11b0c486820d@mail.gmail.com
In Reply to: Re: [gentoo-user] Hardening a laptop for travel by Mick
1 > > > I have shorewall set up on my router but I haven't set up anything
2 > > > security-wise for my laptop which normally sits behind the router.
3 > > > What should I be setting up on the laptop in preparation for traveling
4 > > > and connecting via a foreign network or even directly to the Internet?
5 > > > I don't run sshd on the laptop. I would think shorewall, but am I
6 > > > forgetting anything?
7 > >
8 > > At the very least I'd do the following with iptables:
9 > >
10 > > iptables -P INPUT DROP
11 > > iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
12 > > iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
13 >
14 > This line is only needed if you want to forward packets to another
15 > iface/device (i.e. when your laptop is acting as a router and the input
16 > interface is eth0).
17
18 Alright I guess I'll just set up shorewall on the laptop with a config
19 similar to the router's. Maybe I'll set up shorewall on the other
20 system in my local network while I'm at it.
21
22 - Grant
23 --
24 gentoo-user@g.o mailing list

Replies

Subject Author
[gentoo-user] Re: Hardening a laptop for travel reader@×××××××.com
Re: [gentoo-user] Hardening a laptop for travel William Kenworthy <billk@×××××××××.au>