[Dshield] Decloaking for a question

Johannes Ullrich jullrich at sans.org
Fri Aug 2 03:25:22 GMT 2002

(the post is a little bit far away from the main 'security' topic of this
site. Please restrain replies and consider replying to the author off list)

Options to consider (all of these are available free or for some
fee if you want to buy CD-ROMs)

RedHat Linux: probably the widest supported distribution, got
everything you need and good easy to apply updates/patches as
they become necessary. 

Mandrake Linux: Considered more 'feature rich' than RedHat, but
the extra features are more desktop oriented, not server oriented.

OpenBSD: Considered more 'secure' than others, but not as well
supported. Probably a great choice if you are interested in
a server only machine.

Suse Linux: I keep hearing great things about it, but never got a
chance to try it...

Some things to consider about security:

- the sonicwall is a great idea. In particular as you get started
and experiment, it is nice to have the extra layer.

- use the firewall (iptables, pf) that comes with the respective

- check your logs regularly. On Linux, I like a perl script called
'swatch' to automate this.

- if you are interested in learning more, run snort!

jullrich at sans.org             Collaborative Intrusion Detection
                                    join http://www.dshield.org

