[no subject]

> I'm interested since this redhat box will be a firewall for a home lan
> I'm setting up.  Thus far, things seem quite happy otherwise and are
> working smoothly with the first Win98 client.  It's using the firewall
> to access the internet through the cable modem and all the services seem
> to work just fine.

I suggest you look into Sentry (www.psionic.com) which can detect the
stealth scans. From my limited experience, there are 10 stealth scans
for every non-stealth scan. You should also abandon telnet in favor of
ssh. Avoid imapd and portmap unless you absolutely need them as they seem
to be common targets.

In your cable modem environment you should beware of sniffers as if I'm
not mistaken those cable modem networks are an ethernet. (Please correct
me if I'm wrong.) From my security notes, in the last two months I've
tracked 3 portscans back to Linux machines on a cable modem network and in
each of those cases those Linux machines had been broken into and the
cracker was using them to find other machines.


Bruce Tong                 |  Got me an office; I'm there late at night.
Systems Programmer         |  Just send me e-mail, maybe I'll write.
Electronic Vision / FITNE  |  
zztong laxmi ev net        |  -- Joe Walsh for the 21st Century