[svlug] Configuring Server - SSH Trouble + Security Considerations
shaeffer at neuralscape.com
Sat Oct 21 23:37:48 PDT 2006
On Sat, Oct 21, 2006 at 09:49:26PM -0700, Lord Sauron wrote:
> Yes, it is behind a firewalled router, it turns out. If you try to
> access port 80 (web server) the firewall demands a password. Could
> that behavior you saw be the firewall re-routing the traffic? Do you
> know how to sidestep the firewall?
> For the final setup the server will be outside the hardware firewall
> (if I turn off all ports except the ones I'm using I should be safe)
> and enable a good software firewall (iptables) I think I'll be more or
> less good to go for security. I can't think of a reason someone would
> want to hack me - there's nothing valuable there.
If you want to learn a little about firewalls and network archtitectures
for secure services, then a good introduction is one of Ziegler's books.
By the way, once you figure all that out, then you might want to have
some fun. Iptables is programmable at run-time. So you can dynamically
detect network events of interest and dynamically modify your firewall
to respond to events. But before you delve into that, figure out why it
is a good idea to have a firewall or two in front of your DMZ zone.
Neuralscape, Palo Alto, Ca. 94306
shaeffer at neuralscape.com http://www.neuralscape.com
More information about the svlug