[Dshield] Is it true that Linux users do not fear Viruses and Trojans (+ some vital questions)

Manuel Lanctot pacu at sympatico.ca
Fri Oct 11 11:41:04 GMT 2002


On Thursday 10 October 2002 05:03 pm, John Draper wrote:
> >1) Firewalls can fail to stop a determined intruder.
>
> YOu need an indrusion prevention system...   some system that would link an
> IDS into something that can "cut off" the attacker,   and better backup
> policy.

That's the combo I use. Iptables blocks everything by default but since I have a 
website, it keeps the 80 port open. Then, the IDS watches this port for everything 
suspicious. If an alert is triggered, a new rule is added in iptables to block the offenser.
Physical firewalls excepted, IMO this is one of the best defense combo for a home server 
(and it's free).

> John

--
Manuel F. Lanctot
PACU Communications




More information about the list mailing list