Hardening Network Security Questions

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Hardening Network Security Questions

bobby
I was on the ubuntu forums, and a user had posted this:

Always have both a hardware AND software firewall.
Don't trust other computers on the same LAN implicitly. One of them may have been hacked and is being used to attack all other systems

I had some clarification questions on these:
1. I am running iptables on my server. Is this not enough? Is a hardware device recommended as well?
2. How is this acted upon? How do I protect myself internally, from these types of attacks?

--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
Reply | Threaded
Open this post in threaded view
|

Re: Hardening Network Security Questions

Jim Tarvid
iptables is not enough. You will need to maintain a list of banned ips. failtoban - https://www.fail2ban.org/wiki/index.php/Main_Page is a good start. 
A hardware firewall will only add to confusion. See https://github.com/trick77/ipset-blacklist

But ... backup first and always. I backup to a second server with rsync daily. I inspect logins and new files daily. 

On Fri, May 18, 2018 at 11:29 AM, bobby <[hidden email]> wrote:
I was on the ubuntu forums, and a user had posted this:

Always have both a hardware AND software firewall.
Don't trust other computers on the same LAN implicitly. One of them may have been hacked and is being used to attack all other systems

I had some clarification questions on these:
1. I am running iptables on my server. Is this not enough? Is a hardware device recommended as well?
2. How is this acted upon? How do I protect myself internally, from these types of attacks?

--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened




--

Kindness Works!
Jim Tarvid
12897A Grays Pointe Road, Fairfax, Va 22033-2143
38.87782, -77.39270
703-657-0099 Condo
703-624-5289 Cell
703-594-7297 Google voice
202-753-0025 Tablet

--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
Reply | Threaded
Open this post in threaded view
|

ubuntu-cve-tracker converted to git

Steve Beattie-3
In reply to this post by bobby
Hello,

I have converted the Ubuntu CVE Tracker from bazaar to git. This is
hosted at https://code.launchpad.net/ubuntu-cve-tracker and can be
cloned via:

  git clone https://git.launchpad.net/ubuntu-cve-tracker

or (if you have a registered ssh key with launchpad):

  git clone git+ssh://git.launchpad.net/ubuntu-cve-tracker

I will leave the existing bazaar tree in place for a few weeks, in case
we need to revert back. Otherwise, I will remove the tree, replacing it
with a markdown file documenting the location of the git tree (a la
https://bazaar.launchpad.net/~ubuntu-bugcontrol/ubuntu-qa-tools/master/view/head:/README.md
).

Please let me know if you hit any issues with the conversion. Thanks!

--
Steve Beattie
<[hidden email]>
http://NxNW.org/~steve/

--
ubuntu-hardened mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened

signature.asc (849 bytes) Download Attachment