Comment Re:Teach Me How To Be Secure (Score 2) 139
You are doing the last step first. Setting up a firewall isn't vital in many cases.
First step is to close unnecessary open ports. For instance, The SuSE distrib installs telnet, ftp and Apache demons as default. Joe DSL doesn't need this. Consider what you really need on your system and keep this. The less stuff you got running on your box the less stuff you have to maintain. You don't need sendmail/procmail if you use a mail client that directly gets mails from a POP3 and sends to the upstream mail server. One port shut (tho this only makes sense if there is only one user on the system and it doesn't hurt too much to be online when mailing). Joe DSL doesn't need a webserver running. SuSE installs apache so you can search the online-doc they provide. That's overkill. Get rid of it. BTW I had to grin when I read about the increase of apache installations. I think SuSE et al had their share in this. Joe Avarage doesn't need an FTP server. Away with this one. Joe most likely doesn't need telnetd. Get rid of it. And if you do need it, there are secure alternatives(ssh). Finger demons, talk demons and assorted knick-knack isn't needed. Kick it. Feel free to check your system with Saint. It can be a real eye opener. The reason for this house cleaning is the more services you got running, the more potential security loops are inserted into your system. And maintenance complexity is rising exponentially. Less is more in this case.
Second step has to be the installation of some means to monitor unauthorized changes in your system. There are several ways to install alarms like these. It's most of the time the only way to find out somebody breached your system integrity. And logs are there for reading. Or at least to grep through them.
Third step is to set up the firewall.
Fourth step is to keep up-to-date with security fixes for the stuff you got up&running on your system.
It is important that you know what is actually happening in your 'puter. If you even are unsure wether you have telnet running or not then the main security problem is sitting in front of your keyboard.
