[techtalk] Tightening Security
James A. Sutherland
jas88 at cam.ac.uk
Tue Feb 20 12:14:14 EST 2001
On Mon, 19 Feb 2001, Christian MacAuley wrote:
> Recently i've gotten a few complaints about probes/scans from one of my
> computers (a Cobalt Linux server.) I've looked at my logs and i can see no
> one was logged into it at the time that the scans were reported. Does that
> mean someone is spoofing me?
It's possible - what kind of scans/probes were these? Are you running
Squid?? (Squid sometimes uses pings to determine round trip times to
remote sites; these could be interpreted by a paranoid admin as being
probes.)
> I'd like to make sure all the ports i'm not using are closed, and generally
> tighten security ... how do it do it? Also, i've heard that there's no
> point in installing a firewall on a Linux server -- is that true?
Linux does have builtin firewall functionality, which should perform the
same job anyway.
James.
More information about the Techtalk
mailing list