[NCLUG] Two easy? security questions...
dobbster
dobbster at verinet.com
Mon Sep 4 13:27:58 MDT 2000
Paul,
> If you don't care about the IPs (i.e. you're too busy to do the legwork to
> complain to their ISP), recompile the kernel with ipchains support
> (assuming you're using 2.2), install ipchains, and setup a deny rule for
> services you don't use, and ignore people trying to 'sploit your
> non-existant IMAP server.
I'd rather not bother the ISPs. Most of the time they seem to ignore my
complaints anyway.
> http://www.linux-firewall-tools.com has more info, including an automated
> firewall script generator.
>
> The fine folks over at tummy.com also have IsinGlass, which works quite
> nicely: http://www.tummy.com/isinglass
Thanks... I'll check both of these places out. It sounds as if some of
these tools might provide me additional protection.
I do have ipchains configured into my kernel already. Where would I set
the deny rule? (inetd.sec?)
Is port 143 (Imap) a popular one for these kinds of attacks? I am
rather new to this...
More information about the NCLUG
mailing list