Linux network security poll

I need to get serious about security since I will be soon connected to
the net almost 24x7 (barring a power outage etc.) so I was wondering
if list members could explain their security setup (network
configuration, DMZ, firewalls, IDS, logging, etc.). Also what would
you recommend for someone like me who is still on an entry level in
terms of my understanding of Linux and network security and what would
be recommend for later on down the road once I get more sophisticated?
I run Debian lenny with a 2.6.18 kernel. I will be getting ADSL next
week and plan on having a DSL modem/router doing NAT. I only have one
machine now but plan on adding another one within the next 3 months or
so.

Zach


Zach

On Tue, 12 Feb 2008 02:32:46 -0800, Zach wrote:

> I need to get serious about security since I will be soon connected to
> the net almost 24x7 (barring a power outage etc.) so I was wondering if
> list members could explain their security setup (network configuration,
> DMZ, firewalls, IDS, logging, etc.). Also what would you recommend for
> someone like me who is still on an entry level in terms of my
> understanding of Linux and network security and what would be recommend
> for later on down the road once I get more sophisticated? I run Debian
> lenny with a 2.6.18 kernel. I will be getting ADSL next week and plan on
> having a DSL modem/router doing NAT. I only have one machine now but
> plan on adding another one within the next 3 months or so.
>
> Zach

Close off all ports on the router. If you need external access to your
systems then open an ssh port preferably on a non-standard port. When
configuring ssh disable password authentication and root access and
require RSA authentication. You can run a firewall on your system in
addition to the router's firewall if you want, but it shouldn't be
necessary.