Hi,
>I think about the single most important security hole to plug
>is who has access to your computer with tcp wrappers.
>Its easy to start:
> /etc/default/inetd => ENABLE_TCPWRAPPERS=YES
> pkill inetd
> /etc/rc2.d/S72inetsvc start (or just reboot)
> /etc/hosts.deny => ALL: ALL
> /etc/hosts.allow => ALL: 192.148.117.4, 192.148.117.8, 192.148.117.10,\
> 192.148.117.12, etc
>The hosts.allow can be changed on the fly to let a machine talk to yours.
>With only a small number of known machines able to access yours, you are
>a much smaller target.
>
>
Maybe it is a better idea to use NAT routers to protect your
spectrometers or other
single stations. These routers are very cheap and usually used for
private Internet
access. In germany you have to pay about 40 Euro for such a router and the
prices in other countries should be comparable. Using these NAT routers
you can
define allowed services and/or allowed address ranges.
It is a little bit difficult to describe the full functionality of such
a NAT router and
of course there are differences between the individual products.
Please feel free to ask google using the keywords
NAT router firewall
Regards
Rainer
PS: Hope this broadcast message is o.K. I thought this information
could be useful for some people.
>hth,
>
>dave scott
>iowa state university
>
>
>
>
>
Received on Mon Apr 12 2004 - 16:43:31 MST