Security on your Home Network
Manitoba UNIX User Group Presentation
Michael Doob --- May 9, 2000
Where and what to look for
Using syslogd
syslogd format in syslog.conf: facility.level action
| facility | level | action |
|---|---|---|
| user | emerg | filename |
| kern | alert | @server |
| mail | crit | user |
| daemon | err | |
| auth | warning | |
| lpr | notice | |
| news | info | |
| uucp | debug | |
| cron | none | |
| local1-7 | | |
| mark | | |
| * | | |
Packet structure
- IP packets, ports, headers and data
- Protocols
  - ICMP (Internet control message protocol)
  - UDP (User datagram protocol)
  - TCP (Transmission control protocol)
- ports, reserved and otherwise in /etc/services
- ACK and SYN
Encryption with ssh
Packet filtering with ipchains
- types of chains (input, output, forward)
- listing current rules (-L option)
- appending to the current rules (-A option)
- inserting in front of the current rules (-I option)
- deleting from the current rules (-D option)
- flushing the current rules (-F option)
- log to a file (-l option)
- ACCEPT, DENY, REJECT (-j option)
- filtering rules
  - by source address (-s) (e.g. 130.179.0.0/16)
  - by destination address (-d)
  - by protocol (-p) (e.g. tcp)
  - by SYN (-y)
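
An input-chain ruleset built from the options listed above, as an added example that is not from the original presentation. The address 192.168.1.2, the subnet 130.179.16.0/24 and the `fw` wrapper are constructed for illustration, and the chain's default policy is assumed to be ACCEPT.

```shell
#!/bin/sh
# Added example, not from the presentation. Commands are printed only;
# set APPLY=1 as root on a host with ipchains to execute them.
# Assumes the input chain's default policy is ACCEPT, so TCP packets
# without SYN (replies to connections this host opened) still pass.

TRUSTED_NET="130.179.0.0/16"   # the -s example from the list above
HOME_HOST="192.168.1.2"        # constructed address of the protected host

# fw: hypothetical wrapper that prints or runs one ipchains command.
fw() {
    if [ "${APPLY:-0}" = "1" ]; then
        ipchains "$@"
    else
        echo "ipchains $*"
    fi
}

home_rules() {
    fw -F input        # flush, so the rules below are the whole chain
    # New ssh connections (SYN set) are accepted from the trusted range only.
    fw -A input -p tcp -y -s "$TRUSTED_NET" -d "$HOME_HOST" 22 -j ACCEPT
    # Every other inbound connection attempt is dropped and logged (-l);
    # the log entries come from the kernel, so syslogd's kern facility sees them.
    fw -A input -p tcp -y -d "$HOME_HOST" -j DENY -l
    fw -L input        # list the result for review
}

# Rules are matched first to last, so a block must be inserted (-I) in
# front of the ssh ACCEPT; appended (-A), it would come after that ACCEPT
# and never stop ssh from a subnet inside the trusted range.
block_source() {
    fw -I input 1 -s "$1" -j DENY -l
}

# -D with the same specification removes the rule again.
unblock_source() {
    fw -D input -s "$1" -j DENY -l
}

home_rules
block_source "130.179.16.0/24"   # constructed: one subnet inside the trusted range
```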