[CLUE-Tech] Meeting Redux: Security Links

Wed May 15 18:51:47 MDT 2002

Thought I'd throw out some links for stuff that was in the Dave'n'Roy show
last night.

http://www.linuxsecurity.com/

http://www.securityfocus.org/ (or .com)
  OB: <grumble>javascript:document.frmSearch.submit();

This is what I was looking for anyway
http://online.securityfocus.com/library/3537 - except there's nothing
there, but it winds up at
http://people.unix-fu.org/andreasson/iptables-tutorial/iptables-tutorial.html

http://www.linux-sec.net/

I was hoping to post this article, "10 minutes to an iptables-based Linux
firewall - Sep 20, 2001", from linuxworld.com, but sadly, linuxworld.com
is gone. However, as a quick'n'dirty place to start, for a dialup
connection, it's easy to block incoming traffic:

  iptables -A INPUT -i ppp+ -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j
DROP

stops all incoming TCP. I tested my machine after doing this, and it
apparently works real well. If you don't have nmap on your machine, hey -
no problem: http://www.linux-sec.net/Audit/nmap.test.gwif.html I guess I
should also set up a rule which blocks UDP, but lets NNTP through. Maybe
after StarTrek is over ;-)

Well, hey, Google cache comes through again:
http://216.239.39.100/search?q=cache:htrqbpfaRCUC:www.linuxworld.com/site-stories/2001/0920.ipchains.html+%2210+minutes+to+an+iptables-based+Linux+firewall+-+Sep+20,+2001%22&hl=en

http://www.net-security.org/articles_main.php

http://netfilter.samba.org/unreliable-guides/

http://www.linuxnewbie.org/nhf/intel/security/iptables_basics.html

http://www.tripwire.org/
http://www.snort.org/
http://www.psionic.com/products/portsentry.html
http://www.bastille-linux.org/

Well, y'awl can google for more, once you've finished with these.

Oh, one more thing: http://www.weitz.de/vaio.html ;-)
-- 
Fight the CBDTPA: http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html

"Those who expect to reap the blessings of freedom must, like men,
 undergo the fatigue of supporting it." - Thomas Paine