Fri, 2008-05-23 15:42 — freedom
i am using bsnl dataone to connect to internet and my computer is on
24x7 downloading.so i am concerned about securing my machine.i am
curious as to how to firewall my machine the best way .usually i connect
to net using the modem as router. i have inbuilt ethernet card and i
have forwarded only one port which i use for bittorrent .A scan at
grc.com gives me complete stealth status but an intense scan with
nmap-frontend shows port 23,21,111 and few other ports open and it also
correctly detects the os which is running the dlink router.Recently i
read that it is easy to hack these low-cost routers and the hacker can
steal my username and password.Though i have disabled web acccess
control and ssh access to my router is it still possible to hack a
simple router especially dlink ones ? note that when i took dataone one
year ago i was computer novish and did not know about antivirus, linux
etc so i was hacked and bombarded with a huge bill.
i have also learned about the rp-pppoe package in fedora (currently i am
using fedora 8 : fully up-to-date) which lets us dial out like that in
winows xp dialer.but then i am left with only iptables.so i modified it
by system-config-firewall,stopped service rpcbind from starting up and
modified /etc/sysctl.conf to deny any ping from outside.now both grc and
nmap reports all first 1714 ports stealth (grc.com) and closed (nmap).so
it seems like the firewall protection is strengthened.
so i want some advice on this issue - and i also want to know what other measures
should i take to prevent my computer from becoming part of a botnet ?