Wednesday, July 23, 2008

Securing your company with Linux firewalls

If you do not have a firewall for your company as yet ... well just get one now ! The Internet is just not the safe place it used to be you know;-)

Firewall do 1000 % more than they used to do in the good old day. Firewall are used as VOIP servers, VPN servers, VPN end-tunnel-servers, hosting servers, Authentication servers, RAS server etc etc.

The first reason to get a firewall is to protect your internal computer network from the outside world. Your data can be stolen, company information can be stolen, financial documents can be stolen, identify theft or even your customer data can be stolen, and if that comes out, pick your favourite holiday destination and flee the country.

You have different kind of Attacks on the Internet , too many to mention, but the most well known types are DoS attacked, port scans, sniffers, eavedrops, bots, irc clients, Spam host, open relays etc. By securing your network and ensuring that you keep track of any exploits on software ( you can have a secure firewall, but if your firewall allowed port 80 traffic, and your IIS server is exploitable, your firewall is useless to this attack). If you are still running a Bind version prior to July 2008 release, it is time to upgrade.

Your normal services that a firewall will not close down, is normally port 80 ( web server ) port 53 ( dns server ) port 25 ( smtp mail server ) port 110,143 ( email services ). While you can have all the best rules for your firewall, but your firewall is hosting your DNS as well, and some hacker exploits your bind software, they will take FULL control over your server. Now think about this, give a hacker full access to your Firewall, and give him a couple of hours, and you will have the worst business day ever. SO maybe it is time that you show the threats to you Financial clowns, and tell them to always give IT the lowest budget, and explain that a firewall should do nothing else besides firewalling. If you had your DNS separate from your Firewall, the risk is 100 % less.

Get some comments coming in, and I will give some more advice or rules even if you need.

No comments: