[31990] in North American Network Operators' Group
Re: Security on a home DSL Line
daemon@ATHENA.MIT.EDU (Todd Caine)
Thu Nov 2 19:11:25 2000
Message-ID: <3A0201C2.645DC1A4@eli.net>
Date: Thu, 02 Nov 2000 16:07:30 -0800
From: "Todd Caine" <todd_caine@eli.net>
MIME-Version: 1.0
To: "J. Gilmore" <reece0011@yahoo.com>
Cc: nanog@merit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Hello,
A pentium will definitely suffice as a firewall. Beefing up security
really depends on your OS as to a specific 'good-enough-for-now'
solution.
I decided to just lock my computer down by applying all of the
recommended and security related patches from the vendor of the OS,
then I comment out almost every service in /etc/inetd.conf. You don't
want to be using services like fingerd and telnetd most likely. I
usually only run sshd, secure RPC, and httpd. I would also recommend
using tcp wrappers for the tcp services that you enable.
That seems to be working fine for my home computer, and it's kind of
fun to watch the logs. You would be amazed at some of the things
people try to do. :)
Cheers,
todd
"J. Gilmore" wrote:
> I'm looking to beef up security on a home DSL line.
> Currently I am using ZoneAlarm (the freeware version).
> I'm thinking of taking an old Pentium 120, and
> setting that up as a firewall, but wanted to know if
> anyone else had a better idea.
>
> __________________________________________________
> Do You Yahoo!?
> >From homework help to love advice, Yahoo! Experts has your answer.
> http://experts.yahoo.com/
--
--------------------------------------------------------------
<!-- Todd Caine - tcaine@eli.net
Software Engineer
Electric Lightwave, Inc.
4400 NE 77th Avenue
Vancouver, WA 98662
Direct Dial: (360) 816-4344 //-->
--------------------------------------------------------------
