On Wed, 2005-08-03 at 23:37 +0200, Ryan Viljoen wrote:
> Joseph could you direct me toward a how to on how to set that up, please.

I use freesco firewall and they have a small package (add-on) called
knock, you can install it on a floppy see my howto:
http://forums.freesco.org/support/index.php?showtopic=13731
but eventually I moved it to HD (as I had too many problems with 1.68Mb
floppies)
My intention was to use this setup to print to a remote printer location
over SSH, and it works like a charm.

The knock daemon runs on the firewall (that is the best setup) and listens for
a specific knock sequence. You can open any port this way.
If you have a Gentoo based firewall, knock is in portage but your
machine must have more muscles to run Gentoo; and Freesco will run on any
"door-stopper" starting from 486.

--
#Joseph

> Raphael have you gone through
> http://www.gentoo.org/doc/en/security/index.xml it has some good
> points and worth going through and ticking off each one.
>
> Cheers
> Rav
>
> On 8/3/05, Joseph <syscon@×××××××××.com> wrote:
> > On Tue, 2005-08-02 at 23:50 +0000, Raphael Melo de Oliveira Bastos Sales
> > wrote:
> > > Hi there,
> > >
> > > I was wondering what tools should I use to detect security flaws to
> > > my server and a few tips on how to use them. What are the most common
> > > forms of attack and how do I avoid being attacked by one of them?
> > >
> > > The services available are only Apache - SSL and SSH. I've
> > > installed a firewall, iptables and firestarter to control it, and
> > > blocked all ports except 443 and 8080, where the SSH is listening.
> > > Apache has PHP installed as a module.
> > >
> > > Thanks for the attention,
> > >
> > > Raphael.
> >
> > I have port knocking installed on firewall, to further protect against any SSH
> > attacks.
> > So port 22 is closed (in stealth mode) and only opens if it received the
> > right knock sequence, moreover it is only opened to an IP address from
> > which it received a successful knock sequence; all others see this port as
> > closed (in stealth mode).
> >
> > --
> > #Joseph

--
gentoo-user@g.o mailing list
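
The behaviour described in this message (port 22 stays closed until a source address sends the right knock sequence, then opens for that address only) can be modelled in a few lines. This is an added example, not part of the original e-mail and not the code of knock or Freesco: a simplified per-source tracker. The sequence 7000, 8000, 9000, the 5-second timeout and the sample addresses are assumptions.

```python
from dataclasses import dataclass, field

# Assumed values for illustration; none of them come from the e-mail.
KNOCK_SEQUENCE = (7000, 8000, 9000)  # ports that must be hit in this order
SEQ_TIMEOUT = 5.0                    # seconds allowed to finish the sequence

@dataclass
class KnockTracker:
    sequence: tuple = KNOCK_SEQUENCE
    timeout: float = SEQ_TIMEOUT
    progress: dict = field(default_factory=dict)  # src IP -> (next index, start time)
    allowed: set = field(default_factory=set)     # src IPs that completed the knock

    def observe(self, ts, src, dport):
        """Feed one inbound SYN: timestamp, source IP, destination port."""
        idx, started = self.progress.get(src, (0, ts))
        if idx and ts - started > self.timeout:
            idx, started = 0, ts                  # too slow: start over
        if dport == self.sequence[idx]:
            idx += 1
        elif dport == self.sequence[0]:
            idx, started = 1, ts                  # out of order, but begins a new attempt
        else:
            idx = 0                               # wrong port: reset this source
        if idx == len(self.sequence):
            self.allowed.add(src)                 # a real daemon would add a per-IP rule here
            idx = 0
        if idx:
            self.progress[src] = (idx, started)
        else:
            self.progress.pop(src, None)

    def verdict(self, src):
        """Firewall decision for a connection from src to the protected port (22)."""
        return "ACCEPT" if src in self.allowed else "DROP"

# Constructed sample traffic: (timestamp, source IP, destination port)
EVENTS = [
    (0.0, "198.51.100.7", 7000), (0.4, "198.51.100.7", 8000), (0.9, "198.51.100.7", 9000),
    (1.0, "203.0.113.9", 7000), (1.2, "203.0.113.9", 9000), (1.5, "203.0.113.9", 8000),
    (2.0, "192.0.2.44", 7000), (9.0, "192.0.2.44", 8000), (9.1, "192.0.2.44", 9000),
]

def replay(events):
    tracker = KnockTracker()
    for ts, src, dport in events:
        tracker.observe(ts, src, dport)
    return tracker
```

In the constructed traffic only the first source knocks in order and in time; the second knocks out of order and the third exceeds the timeout, so both still see the port as closed.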