Monitoring file integrity with FC4 - Tripwire??
Scot L. Harris
webid at cfl.rr.com
Mon Oct 3 14:13:35 UTC 2005
On Mon, 2005-10-03 at 00:51, Jeff Vian wrote:
> A very quick check to see exactly what may be of concern would be to run
> "nmap yourInternetIPaddress" on the machine and see what it returns.
> Maybe nothing (in which case you have no concerns) and maybe a list of
> ports that are open (in which case you have a specific list of ports to
> be careful of).
You may want to try a scan from an external site such as
http://www.grc.com use the shields up utility on that site. It does a
fair job of showing open ports on your site.
I would also recommend one of those cheap hardware routers/firewalls
like linksys, netgear or others put out. They do a good job of hiding
your system and are less susceptible to being disabled accidentally. It
is still a good idea to run iptables on your system even with one of
these on your Internet connection.
And configure ssh to permit specific users in and consider moving ssh
port to a different port. Moving the port just keeps the script kiddies
from knocking on the door, don't consider this a real security measure
since a real hacker would scan and find the port anyway.
More information about the fedora-list
mailing list