[NCLUG] Two easy? security questions...

dobbster dobbster at verinet.com
Mon Sep 4 13:27:58 MDT 2000


Paul,

> If you don't care about the IPs (i.e. you're too busy to do the legwork to
> complain to their ISP), recompile the kernel with ipchains support
> (assuming you're using 2.2), install ipchains, and setup a deny rule for
> services you don't use, and ignore people trying to 'sploit your
> non-existant IMAP server.

I'd rather not bother the ISPs.  Most of the time they seem to ignore my
complaints anyway.

> http://www.linux-firewall-tools.com has more info, including an automated
> firewall script generator.
> 
> The fine folks over at tummy.com also have IsinGlass, which works quite
> nicely: http://www.tummy.com/isinglass

Thanks...  I'll check both of these places out. It sounds as if some of
these tools might provide me additional protection.

I do have ipchains configured into my kernel already. Where would I set
the deny rule?  (inetd.sec?)

Is port 143 (Imap) a popular one for these kinds of attacks?  I am
rather new to this...



More information about the NCLUG mailing list