RE: [cobalt-developers] Firewall for RaQ550?

[BSmith@xxxxxxxxxxx]

-----Original Message-----
From: Distortal [mailto:info@xxxxxxxxxxxxx]
Sent: Thursday, June 19, 2003 8:33 AM
To: Cobalt Developer List
Subject: [cobalt-developers] Firewall for RaQ550?


How secure is a stock 550, and  if a firewall is recommended, which one?

D
_______________________________________________


Any type of box is only as secure as the weakest link.  In order to secure
your box, you need to take account strong user authentication.  Do you have
it?  If not, your insecure.  There are a bunch of exploits already known on
the RaQ 550. Download the patches from Sun, and bring it up to speed.  Start
patching the rest of the applications on your own!  Take the time to learn
which processes & daemons you can safely kill, and do not need.

Doing theses things mentioned you just greatly secured your box.  Now, the
firewall?  IPTABLES is a free Firewall software that comes on the box.
There is a small little web gui designed to help your BUILD a firewall using
it. You can get it from NuOnce Networks ->
http://www.nuonce.net/firewall.php.  You can also look at installing some
security applications.  Some where on their site it is listed.
http://www.solarspeed.net has a security package.  All of it is open source,
so you can search on their names, and download them, or pay to have them
install & configured properly.  (Choose the 2nd if you do not know what it
is your doing).

Remember though, the only way you can truly secure your box is to unplug it
from the network! :)  Even after all of the IDS software, updates, firewall,
etc is on the box.  If you do not take the time to monitor your logs, and be
a proactive admin, your box is still insecure!

Just my two thoughts for the morning!

Thanks,

Brian