Gentoo Archives: gentoo-user

From: Joseph <syscon@×××××××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Testing how secure a server is...
Date: Wed, 03 Aug 2005 22:11:23
Message-Id: 1123106748.32731.46.camel@sysconcept.ca
In Reply to: Re: [gentoo-user] Testing how secure a server is... by Ryan Viljoen
On Wed, 2005-08-03 at 23:37 +0200, Ryan Viljoen wrote:
> Joseph could you direct me toward a how to on how to set that up, please.

I use freesco firewall and they have a small package (add-on) called
knock, you can install it on a floppy, see my howto:
http://forums.freesco.org/support/index.php?showtopic=13731
but eventually I moved it to HD (as I had too many problems with 1.68Mb
floppies)
My intention was to use this setup to print to a remote printer location
over SSH, and it works like a charm.

The knock daemon runs on the firewall (that is the best setup) and listens
for a specific knock sequence. You can open any port this way.
If you have a Gentoo based firewall, knock is in portage but your
machine must have more muscle to run Gentoo; and Freesco will run on any
"door-stopper" starting from 486.

--
#Joseph

> Raphael have you gone through
> http://www.gentoo.org/doc/en/security/index.xml it has some good
> points and worth going through and ticking off each one.
>
> Cheers
> Rav
>
> On 8/3/05, Joseph <syscon@×××××××××.com> wrote:
> > On Tue, 2005-08-02 at 23:50 +0000, Raphael Melo de Oliveira Bastos Sales
> > wrote:
> > > Hi there,
> > >
> > > I was wondering what tools should I use to detect security flaws to
> > > my server and a few tips on how to use them. What are the most common
> > > forms of attack and how do I avoid being attacked by one of them?
> > >
> > > The services available are only Apache - SSL and SSH. I've
> > > installed a firewall, iptables and firestarter to control it, and
> > > blocked all ports except 443 and 8080, where the SSH is listening.
> > > Apache has PHP installed as a module.
> > >
> > > Thanks for the attention,
> > >
> > > Raphael.
> >
> > I have port knocking installed on firewall, to further protect any SSH
> > attacks.
> > So port 22 is closed (in stealth mode) and only opens if it receives the
> > right knock sequence, moreover it is only opened to an IP address from
> > which it received a successful knock sequence; all others see this port as
> > closed (in stealth mode).
> >
> > --
> > #Joseph

--
gentoo-user@g.o mailing list
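
Added example, not part of the original message and not code from Freesco or the knock package: a small Python model of the behaviour described in this thread, where port 22 silently drops traffic until one source address completes the knock sequence and then opens for that address only. The knock ports, both timeouts (including the assumption that access expires again) and the sample traffic are constructed for illustration.

```python
# Added example: per-source-IP port-knock gate (a model, not knockd's code).
SEQUENCE = (7000, 8000, 9000)  # constructed knock ports (assumption)
SEQ_TIMEOUT = 10.0             # seconds allowed to finish the sequence
OPEN_FOR = 30.0                # seconds the port stays open for the knocker
PROTECTED_PORT = 22

class KnockGate:
    def __init__(self):
        self.progress = {}  # src ip -> (knocks matched so far, time of first)
        self.allowed = {}   # src ip -> time at which access expires

    def packet(self, ts, src, dport):
        """Decide the fate of one inbound connection attempt."""
        if dport == PROTECTED_PORT:
            return "ACCEPT" if self.allowed.get(src, 0.0) > ts else "DROP"
        idx, start = self.progress.get(src, (0, ts))
        if idx and ts - start > SEQ_TIMEOUT:
            idx, start = 0, ts                    # too slow: start over
        if dport == SEQUENCE[idx]:
            idx += 1
        else:                                     # wrong port resets progress
            idx, start = (1, ts) if dport == SEQUENCE[0] else (0, ts)
        if idx == len(SEQUENCE):
            self.allowed[src] = ts + OPEN_FOR     # open for this IP only
            idx = 0
        if idx:
            self.progress[src] = (idx, start)
        else:
            self.progress.pop(src, None)
        return "DROP"                             # knock ports stay silent

def replay(events):
    gate = KnockGate()
    return [gate.packet(*event) for event in events]

# Constructed sample traffic: (timestamp, source IP, destination port)
EVENTS = [
    (0.0, "198.51.100.7", 22),    # no knock yet
    (1.0, "198.51.100.7", 7000),
    (2.0, "198.51.100.7", 8000),
    (3.0, "198.51.100.7", 9000),  # sequence complete
    (4.0, "198.51.100.7", 22),    # the knocker gets in
    (4.5, "203.0.113.9", 22),     # any other address still sees it closed
    (5.0, "203.0.113.9", 7000),
    (6.0, "203.0.113.9", 9000),   # wrong order
    (7.0, "203.0.113.9", 22),
    (40.0, "198.51.100.7", 22),   # access window has expired
]
```

Calling replay(EVENTS) returns one verdict per packet; only the fifth, the SSH attempt from the address that completed the sequence, is ACCEPT.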