[TriLUG] Security question
Daniel T. Chen
crimsun at email.unc.edu
Mon Aug 13 15:41:12 EDT 2001
On Mon, 13 Aug 2001, Chris Knowles wrote:
> If you are running telnet and an unpatched WU-FTPD and need to have CVS
> pserver running...
You don't happen to have your decrypted /etc/shadow posted on /. too, do
> OK, I'm just kidding. :)
> So, is it better to have a firewall that drops almost everything to the
> ground, or one that is open until it detects a scan? My gut says to drop
> everything, if they can't get in they can't get in. But, it's kinda neat to
> see the attempted scans.
Portsentry is interesting, but I'd much rather start with a default policy
of DENY. Then only open the ports that you must.
> Or do I just not grok the setup of portsentry? (entirely possible, I've only
> been playing with it for a few hours.)
Perhaps after I finally get portsentry working after Debian sid's latest
libc6 fiasco... ;P
Dan Chen crimsun at email.unc.edu
GPG key: www.cs.unc.edu/~chenda/pubkey.gpg.asc
More information about the TriLUG