desktop linux security (was Re: Is my computer safe enough if I use just iptables?
mandreiana at rdslink.ro
Fri Oct 15 13:59:39 UTC 2004
On Fri, 2004-10-15 at 09:29 -0400, Harry Hoffman wrote:
> Simply put *NO* you are not safe enough. At the very least I would run a
> personal proxy (such as privoxy).
> cookies and then only allow them to be session cookies.
> Even more paranoid... Setup your iptables to DROP by default INPUT and
> OUTPUT. Log the OUTPUT attempts and decide what should be passed (That
> way any "funny business" is less likely to happen).
I disagree with these. What home user would do this and then still have
time to browse properly and use the computer?
1. install only needed software. Don't perform an "everything" install
if you don't need everything.
2. enable firewall in anaconda at install time. Don't enable any ports
if you don't need them
3. System Settings -> Server Settings -> Services. Enable iptables, look
at others if they are needed.
4. Install tripwire from fedora extras
5. skim through root's mails (tripwire, logwatch)
Galuna - Solutii Linux in Romania
More information about the users