IP-Tables and Security in General

D. Hugh Redelmeier hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Sun Sep 22 17:09:59 UTC 2013


| From: Aruna Hewapathirane <aruna.hewapathirane-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>

| To: The Canadian Ubuntu Users Community <ubuntu-ca-nLRlyDuq1AZFpShjVBNYrg at public.gmane.org>, Toronto Linux User's Group <tlug-lxSQFCZeNF4 at public.gmane.org>

Cross-posting to lists like these is probably a bad idea.  So I've
only replied to the TLUG list.

| I recently noticed lots of incoming connections on my fire-starter (it's
| the firewall I use) and my load average kicked up considerably but I am
| unable to identify what is specifically causing all this sudden unwanted
| incoming traffic as I am no network specialist :-)

You have told us way too little about your network for us to give
specific advice.

- are you running multiple machines?  I will assume so.

- what is your gateway system?  For example, a cable or DSL
  modem/router from your ISP.  Does it implement NAT?

- what are your machines trying to do?  Are they just "clients" or are
  they intended to be servers to the internet?  (I quote the word
  "client" because this is a distorted way of viewing the internet
  forced on us.)

- what is the unwanted traffic?  (Usually tcpdump or wireshark or
  logging can tell you.)

| Does anyone have any information on how to secure Ubuntu with iptables for
| newbies to system administration and security in general?

Sadly, this is too big and general a question.

| Do we have a best practices model for preventing intrusions and securing
| one's system?

That's kind of jargon, but I know what you mean.

You can do security from first principles (hard work, and error prone),
or you can copy something else that has consensus support.

Every mainstream general distro tries to give you a good basis for a secure
system (in my opinion, Ubuntu isn't the best but is OK).  But from
there, you customize for different purposes and need to adjust security
appropriately.

Summary: you need to specify what your systems are intended to do and
how.  Security has to reflect and be reflected in those designs.
Security should not be an afterthought.
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists




