Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Steven on July 27, 2002, 06:10:54 AM
-
I have setup e-smith at a school and am concerned about attempts to crack the system. I installed the services rpm and disabled everything except: www, mail-services, squid/squid-guard, & ssh. I believe identd and pptp may also be running. Is there anyway to audit invalid login attempts to the server? (I had installed acid/snort but removed it after it was not showing anything- even after intentional port scans) Are there any other major security threats that I may also need to be aware of with this setup?
Another solution if possible-
Is there anyway to set a certain range of local IP's as part of the outside/untrusted network, but still be able to use the transparent squid/squidguard filter?
e.g:
Net connection
||
eth0
e-smith
eth1 - 10.0.0.1
||
hub/switch-------- = 10.0.0.2-10.0.10
||
10.0.0.11-10.0.0.254 - Untrusted (no local access rights except transparent proxy)
If needed, I could also add a 3rd NIC if it would achieve this.
Thanks for you comments/suggestions!!