IP-Tables and Security in General

D. Hugh Redelmeier hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Mon Sep 23 15:31:30 UTC 2013


| From: Aruna Hewapathirane <aruna.hewapathirane-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>

| Am not running a network ( yet )

You are running a network, just a simple one.

You still haven't specified the network you do want to run.  Surely that's 
what you want to secure.

| all I have is a single ancient PC (
| Intel(R) Pentium(R) 4 CPU 3.06GHz with 2GB RAM ) running Ubuntu 10.04
| LTS mostly used to develop.

Why not move to 12.04 LTS?  I don't know how good the support for
10.04 is these days.

| My ISP is Bell so I have their router and when I had a look it says:
| 
|    - Connection type: Ethernet
|    - IP address: 192.168.2.26
|    - IP address allocation: DHCP
|    - *IP address type: Private (NAT)*
| 
| So am guessing it implements Network Address Translation.

Surely.

So significant protection is provided by NAT: essentially all traffic
to your machine is initiated by you (your machine is a "client").
There are still attack vectors.

For your simple setup, Ubuntu is probably mostly safe out of the box, 
without significant configuration.  Of course it can be improved.

You, the user and sysadmin, need to avoid unsafe acts.

(I haven't looked at your netstat output.)
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list