Next message: Jim Munro: "Re: [LUNI] SVGATextMode"
> > On Wed, Mar 07, 2001 at 09:10:32PM -0800, chamster wrote:
> > > I'm paying more attention to securing my Linux system in hopes of one
> > > day getting high-speed access (#$%!!) and setting up a firewall.
> > > However, until then, I'm trying to wrap my mind around my current setup
> > > and its security ramifications which hopefully somebody can help me
> > > on...
> > >
> > > I've got a Linux router acting a NAT (for the modem dialup) and proxy
> > > server (via squid) for a small LAN, but it also acts as the LAN's
> > > file/print server using Netatalk and Samba. Since I'm on a dial-up
> > > connection, I'm not exactly prime real estate for crackers, but that
> > > didn't stop a script-kiddie from trying an outdated buffer overflow
> > > attack on a weekly basis.
FWIW, Samba can be configured to serve only on specific interface(s) such as
'eth0'. Assuming eth0 is the internal interface of the File-Print
Server/NAT/Proxy box. As others have suggested also block the relevant ports
on 'ppp0' for additional insurance.
HTH,
--
Arun K.
-=-
Linux Users Of Northern Illinois: General Discussion Mailing list.
For unsubscription, archives, and announcements only see http://luni.org
This archive was generated by hypermail 2b29
: Thu Mar 08 2001 - 14:41:46 CST