Skip to main content

:Linux: Identify Gateway Machines

Special attention should be paid to gateway or firewall systems, as they usually control access to the services running on the entire network.
Such gateways should be identified, its function within the network should be assessed and owners or administrators should be identified. These hosts, often referred to as bastion hosts are a prime target for an intruder. They should be some of the most fortified machines on the network.

Be sure to regularly review the current access policies and security of the system itself.

These systems should absolutely only be running the services necessary to perform it's operation. Your firewall should not be your mail server, web server, contain user accounts, etc. Some of the things you should check for, and absolutely fortify on these hosts include:


  1. Turn off access to all but necessary services.

  2. Depending on the type of firewall, disable IP Forwarding, preventing the system from routing packets unless absolutely instructed to do so.

  3. Update machine by installing vendor patches immediately.

  4. Restrict network management utilities, such as SNMP, public communities, and write access.

  5. Be sure firewall policy includes mechanisms for preventing common attacks such as IP Spoofing, Fragmentation attacks, Denial of Service, etc.

  6. Monitor status very closely. You should develop a reference point in which the machine normally operates to be able to detect variations which may indicate an intrusion.

  7. Develop a comprehensive firewall model. Firewalls should be treated as
    a security system, not just a program that runs on a machine and has an access control list. Firewall administration should be centrally controlled and evaluation of firewall policies should be done prior to actual firewall deployment.




Excerpt from the LinuxSecurity Administrator's Guide:
Written by: Dave Wreski (dave[at]guardiandigital.com)

[tags]linux, firewall, gateway[/tags]

Comments

Popular posts from this blog

اهم التطورات العلمية في العام ٢٠١٩

Dear Microsoft : It's over. Our relationship just hasn't been working for a while, and now, this is it. I'm leaving you for another Operating system. I know this isn't a good time--you're down with yet another virus. I do hope you feel better soon--really, I do--but I, too, have to move on with my life. Fact is, in the entire time I've known you, you seem to always have a virus or an occasional worm. You should really see a doctor. That said, I just can't continue with this relationship any longer. I know you say you'll fix things, that next time it'll go better--but that's what you said the last time--and the time before that. Each time I believed you. Well, not any longer. You cheater! The truth is there's nothing more you can say to make things better. I know about your secret marriage to patent. You say you two are not seeing each other anymore, but I just don't believe it. You say you can live without patent, and I've heard that

10 things Dorothée Loorbach learned after losing a lot of money

Dorothée isn't just sharing her life changing experience with work and money, and sharing the following tips which won't make much sense without listening to the tips in her own words Money is important Money equals time Money equals value What people say doesn't matter What people say matters most when people is you! It's really simple - spend less, earn more, invest wisely and value yourself. It's not that easy Being broke sucks Stay Broke - be present in your own life Money isn't important https://youtu.be/_8l2egORXGA