[ubuntu-uk] Warning to all users of Samba
John Matthews
jakewc2 at sky.com
Wed Apr 21 12:05:54 BST 2010
Does anybody have any information on how to use these firewalls. I tried
setting one up, and ended up shutting my pc off to everything, and had
to get somebody to help open it up again. I gave up with the virus
checker, as it thought a lot of things that were important to the pc
were viruses, and as I dont know enough, had to leave that go.
John
On 21/04/10 11:51, Paul Morgan-Roach wrote:
>
> On Wed, Apr 21, 2010 at 12:29 AM, John Stevenson <john at jr0cket.com
> <mailto:john at jr0cket.com>> wrote:
>
>
> Am I wrong in thinking this post is really a warning about not
> setting you router up securely?
>
> If you are unable to control the router or the IP address your
> Ubuntu box is assigned, then you can always run a firewall and/or
> AppAmor on you Ubuntu box.
>
>
> For those wanting a graphical interface for IPTables, you can use
> Firestarter (available in the repos). It's a nice interface that
> covers most functions. From the command line Ubuntu has ufw - the
> uncomplicated firewall, which is effectively an easy method to
> configure basic firewalling (eg. ufw allow ssh)
>
> I can't emphasise enough how important it is to secure the perimeter
> device effectively though. If outbound filtering is enabled and
> services are only enabled on requirement, we'd see a drop in viruses,
> worms, spam and other nasties. Think back to the "Slammer worm"
> (http://en.wikipedia.org/wiki/SQL_Slammer) which compromised windows
> boxes at a rapid rate, but could not have propagated anywhere near as
> fast if outbound firewalling was enabled.
>
> The same goes for IRC controlled botnets - if you restrict outbound
> IRC traffic from only the machines that you use IRC on, then the
> infected machines cannot be controlled.
>
> The majority of spam comes from hijacked PC's - if your perimeter
> device only allows the mail server on your network outbound access on
> port 25, then spam cannot be sent from a compromised desktop.
> Furthermore, logging on the perimeter device can also be used to
> identify threats from within the network (if you see a blocked IRC or
> SMTP traffic it gives cause for investigation).
>
> I hope this gives a little food for though....
>
> Paul
>
--
Ubuntu User #30817
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-uk/attachments/20100421/4916186a/attachment.htm
More information about the ubuntu-uk
mailing list