[Tfug] debian 4 security

[Ronald Sutherland]

On Wed, May 28, 2008 at 10:15 AM, ericdanc at alice-dsl.net <
ericdanc at alice-dsl.net> wrote:

> I have 1 or 2 PCS plugged directly into a dsl-modem, no LAN and just 1
> user (me). Since the pppoe-connections are temporary with dynamic
> ip-addressing, an iptables-firewall probably isn´t needed or possible.
> I, however, want to feel comfortable connecting to my bank, fund manager
> etc.  Except for ps aux, dmesg etc., somehow i don´t feel like i know
> what´s going on in debian:  it´s so "quiet" compared to, say, vista,
> where it´s hand to hand combat every day when you´re connected.
> So, given my minimal system, are there security tools (weapons), like
> intrusion detection,  a list of services I should turn off or whatever?
> Eric
>

does pppoe give you a routed IP address?
with my dsl modem (pppoa) only the modem gets a routed address. The
computers that talk to the modem have non-routed addresses 192.168.0.*, thus
nothing can see them or get to them.

In my case the modem runs NAT to make this work, a fire wall would block
ports that no one can see anyway, and I would have to open ports up to
access my other computers.

http://en.wikipedia.org/wiki/Network_address_translation

Try Firefox on Windows, it may reduces the hand to hand combat. I'm still
using XP so not sure on that.

RFC 1918 defines the following private address blocks. These blocks are
guaranteed to not be routed across the Internet.
network            range                                  notes
10.0.0.0/8         10.0.0.0 to 10.255.255.255             1 Class A
172.16.0.0/12      172.16.0.0 to 172.31.255.255           16 Class B
192.168.0.0/16     192.168.0.0 to 192.168.255.255         256 Class C
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20080528/b22fdf76/attachment-0002.html>