Next message: David Rock: "Re: [LUNI] Off topic....kinda sorta"
On Thu, 8 Mar 2001, Martin Maney wrote:
> On Thu, Mar 08, 2001 at 05:26:38PM -0800, chamster wrote:
> > I thought that if I have service A (Samba for exaple) on a firewall, my
> > firewall cannot protect the service. An external user could just connect
> > directly to the service.
>
> No, it's much less restricted than that. A lot of good writing does leave
> that impression by omission, and it is always better if the failure of the
> first level of protection doens't immediately expose basically everything
> that it's protecting.
Thank you very much. I can now give IPchains a whirl to see how I do.
> What you want for this sort of design is a good book/article/HOWTO on what
> is often called "host security"; Lance's writings on what he likes to call
> "hardening" would seem a likely candidate here, with the advantage of it
> being fairly easy to pester the author with any questions. :-)
I don't know what user level it's aimed at, but this newbie is getting a
lot out of Bob Toxen's Real World Linux Security (despite my initial
question ;)
I think security is one of the harder things for newbies to pick up.
There's the technical aspect but also that paranoia about doing something
dreadfully wrong ("Limited time showing: Steve's hard drive!") There are a
number of good security walkthru's on the Net. However, one nice thing (in
my mind, the most important thing) about Toxen's book is that I have a
better feel for the big picture, a better sense of context for what I'm
being told.
Anyway, thanks again!
Steve
-=-
Linux Users Of Northern Illinois: General Discussion Mailing list.
For unsubscription, archives, and announcements only see http://luni.org
This archive was generated by hypermail 2b29
: Thu Mar 08 2001 - 21:07:29 CST