Regarding hacking attempts, I suggest reading about iptables and how to configure this. In a nutshell, you can do these few things to block attempts. Set a known state for iptables: set a default rule to drop all input packets, output packets, and forward packets. Set a rule to allow local only connections. Set a rule to allow outgoing connections. Set a rule to permit answers on already established connections. This way, by default everything is blocked except you connecting outwards, returned answers from established connections (like ftp using two ports etc), and local only allow. Everything else is dropped. You will need to add specific rules if you want to expose certain interfaces like ftp and ssh etc for outside connection. There are also some things you can by writing to /proc/sys to gain extra protection, like the following: # Enable broadcast echo Protection echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts # Disable Source Routed Packets echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route # Enable TCP SYN Cookie Protection echo 1 > /proc/sys/net/ipv4/tcp_syncookies # Disable ICMP Redirect Acceptance echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects # Don?t send Redirect Messages echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects # Drop Spoofed Packets coming in on an interface, where responses # would result in the reply going out a different interface. echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter # Log packets with impossible addresses. echo 1 > /proc/sys/net/ipv4/conf/all/log_martians # be verbose on dynamic ip-addresses (not needed in case of static IP) echo 2 > /proc/sys/net/ipv4/ip_dynaddr # disable Explicit Congestion Notification echo 0 > /proc/sys/net/ipv4/tcp_ecn Check out this useful example from linuxfromscratch http://www.linuxfromscratch.org/blfs/view/stable/postlfs/firewall.html And look for the docs for iptables and tutorials on how it work. None of this is distro specific except how the scripts get fired and where they reside etc. Littlefield, tyler wrote: > I'm not sure how to set up iptables, and don't really have a whole lot > of time to go through a huge 300000 page tutorial.
