Complete.Org: Mailing Lists: Archives: discussion: August 2001:
[aclug-L] Re: Denied connections
Home

[aclug-L] Re: Denied connections

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: Denied connections
From: Ironrose <amccadden@xxxxxxxxxxx>
Date: Sun, 26 Aug 2001 23:47:18 -0500
Reply-to: discussion@xxxxxxxxx

Yes--more points for the Linux side!  No site licenses, very few viruses
(so far) have any effect on Linux, very low cost, and once it is setup,
it is very easy to maintain.  I don't attach graphics to e-mails often,
but this one is a keeper.
My co-workers that the code red is going after web servers no matter
what NOS they are using.  I know they are wrong, but too bad they don't
understand what the REAL issues are with the matter.  ~Ironrose


John Alexander wrote:
> 
> For ammunition with those who say Linux is so easy to break into: Do It.
> Any reasonably maintained Unix system has bullet-proof security compared to
> the analoguos M$ system. Any Linux boxes hit by Code Red? Didn't think so.
> 
> ja
> 
> -----Original Message-----
> From: discussion-bounce@xxxxxxxxx [mailto:discussion-bounce@xxxxxxxxx]On
> Behalf Of Ironrose
> Sent: Sunday, August 26, 2001 6:41 PM
> To: discussion@xxxxxxxxx
> Subject: [aclug-L] Re: Denied connections
> 
> Greg House wrote:
> Maybe we should have SSH for a topic and how to use it one of the ACLUG
> meetings.  My Micorosoft friends are always telling me how INSECURE
> Linux is and that Linux computers are so easy to hack into.  (I wonder
> how they think they know that, have they tried?)  I need more amunition
> to argue with them.  Right now, I just try to leave them alone.  I have
> told them about my log files from my firewall.  I so glad that I have a
> good firewall now. :-)
> 
> > On Sunday 26 August 2001 14:02, you wrote:
> >
> > > > A related question; What keeps someone from breaking in on one of the
> > > > ports that is not denied by the firewall?
> > > > bruce
> > >
> > > Essentially each connection opens a 'tunnel' to the outside and if the
> > > packet is not sent as a response over one of these tunnels, it denys the
> > > packet. Unless, you specifically allow access to say port 80 (forewared
> to
> > > another machine), then there might be some problems.
> >
> > The idea is that you keep whatever you run on those ports as secure as
> > possible. If you run a web server, make sure your version of Apache (or
> > whatever) is as up to date as possible to prevent any known
> vulnerabilities
> > from being exploited in it. If you don't run a websever, shut off port 80
> > (http) in your firewall. Likewise with other services.
> >
> > Some services are inherently less secure, so you might want to substitute
> a
> > higher security replacement. For example, use ssh instead of telnet.
> >
> > Greg
> > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> 
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi

-- Binary/unsupported file stripped by Listar --
-- Type: image/jpeg
-- File: pingouin.jpg


-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi


[Prev in Thread] Current Thread [Next in Thread]