Monitoring file integrity with FC4 - Tripwire??

Ian mogplus8 at bigpond.net.au
Mon Oct 3 04:19:38 UTC 2005 


Jeff Vian wrote:

>On Mon, 2005-10-03 at 11:41 +1000, Ian wrote:
>  
>
>>Scot L. Harris wrote:
>>
>>    
>>
>>>On Sat, 2005-10-01 at 18:53, Ian Harris wrote:
>>> 
>>>
>>>      
>>>
>>>>On Sat, 1 Oct 2005 01:46 pm, Scot L. Harris wrote:
>>>>   
>>>>
>>>>        
>>>>
>snip
>
>  
>
>>Excellent advice. I don't have any servers or a network though, my PC is 
>>just a home PC connected directly to the net.
>>At one stage I had a home network set up with Smoothwall on a dedicated 
>>PC, which had snort enabled. I used to check the logs occasionally, and 
>>I was always gobsmacked at how many attempts to hack the box were 
>>recorded. Hundreds a day sometimes.
>>Cheers, Ian
>>
>>    
>>
>
>I beg to differ with you.  
>
>Your home PC attached to the net IS on a network and IS a server.  The
>complete list of services you have enabled is optional but by default
>some are (assuming Linux of course), and thus tools for protection are
>needed.  I get attacks on httpd and on sshd (the only ports I allow
>remote connection to) regularly in a similar scenario.
>
>Different types and styles of networking have differing requirements but
>even a single home PC needs some form of protection (unless it is
>stand-alone and never connects to ANY network - a rarity indeed
>nowdays).
>
>  
>
Couldn't agree more. I used Norton for years on Windoze, and use 
Zonealarm now. Wouldn't consider connecting to the net without them. 
When I installed FC4 I ensured no services where set up (http, ftp, etc) 
because I couldn't think of a reason for letting other people on the net 
connect to my PC without me connecting to them first. So, in terms of my 
rather meagre understanding, I'm not serving anything to anybody on the 
net. I'm still vulnerable to port scans and other hacker activity of 
course, and this is all I'm trying to protect myself against. Since I 
don't *really* understand selinux, iptables, firestarter et al (haven't 
RTFMed yet) I'm just hoping the default settings as set up by the FC4 
install are adequate for my purposes. So far no problems <touch wood>.
Cheers, Ian

More information about the fedora-list mailing list