Return-Path: Delivered-To: apmail-gump-general-archive@www.apache.org Received: (qmail 26406 invoked from network); 11 Aug 2004 15:01:25 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 11 Aug 2004 15:01:25 -0000 Received: (qmail 80596 invoked by uid 500); 11 Aug 2004 15:01:25 -0000 Delivered-To: apmail-gump-general-archive@gump.apache.org Received: (qmail 80470 invoked by uid 500); 11 Aug 2004 15:01:23 -0000 Mailing-List: contact general-help@gump.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Gump code and data" Reply-To: "Gump code and data" Delivered-To: mailing list general@gump.apache.org Received: (qmail 80457 invoked by uid 99); 11 Aug 2004 15:01:23 -0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [130.89.1.88] (HELO netlx014.civ.utwente.nl) (130.89.1.88) by apache.org (qpsmtpd/0.27.1) with ESMTP; Wed, 11 Aug 2004 08:01:21 -0700 Received: from [130.89.169.128] (giraffe.student.utwente.nl [130.89.169.128]) by netlx014.civ.utwente.nl (8.11.7/HKD) with ESMTP id i7BF1FE00201 for ; Wed, 11 Aug 2004 17:01:15 +0200 Message-ID: <411A34BB.7010806@jicarilla.org> Date: Wed, 11 Aug 2004 17:01:15 +0200 From: Leo Simons User-Agent: Mozilla Thunderbird 0.6 (X11/20040519) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Gump code and data Subject: Re: brutus admin work References: <411A2490.2070700@jicarilla.org> In-Reply-To: <411A2490.2070700@jicarilla.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-UTwente-MailScanner-Information: Scanned by MailScanner. Contact helpdesk@ITBE.utwente.nl for more information. X-UTwente-MailScanner: Found to be clean X-MailScanner-From: lsimons@jicarilla.org X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N we now have iptables installed and configured to only accept connections on ports 22,80,8080. I used the configuration package 'lokkit' (command: 'lokkit') for the configuration, as our needs are so simple. we also have something called 'aide' installed, which monitors for intrusions and e-mails reports to the root user. set up as follows: apt-get install lokkit apt-get install aide lokkit # set up ports iptables -A INPUT -j RH-Lokkit-0-50-INPUT # use the new chain iptables -A FORWARD -j RH-Lokkit-0-50-INPUT cheers, - LSD Leo Simons wrote: > I'm working on some upgrades and other stoof on brutus. If it dies, > blame me :-D > > - LSD --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscribe@gump.apache.org For additional commands, e-mail: general-help@gump.apache.org