Does VPN provide adequate security for personal linux machine?

Does VPN provide adequate security for personal linux machine?

Post by Del Craddoc » Sun, 13 May 2001 13:34:57



I am using a cable modem (IP not fixed).  It is  connected to a DLink
701 and then to a switch to provide VPN(?) behind which I have my
linux desktop, a laptop on win2000 and my wife's IMAC (I am waiting on
the upcoming"Yellow Dog" release to convert this to linux).  

The important stuff is on my linux desktop machine. Would it be
prudent to also add a firewall to the desktop or does the VPN provide
reasonable security for a  personal machine?

I haven't done anything security wise beyond the install defaults
(redhat level 3 & progeny debian standard installation).

I would like to be able to tinker with administration, ftp & telnet,
etc between the machines on the private network without a lot of
hassles.  But not at the expense of providing an easy target.

Thanks for the input!!

 
 
 

Does VPN provide adequate security for personal linux machine?

Post by Anthony DeRoberti » Sun, 13 May 2001 16:44:12




> The important stuff is on my linux desktop machine. Would it be prudent
> to also add a firewall to the desktop or does the VPN provide reasonable
> security for a  personal machine?

A VPN does not provide security at all. All that a VPN does is connect
two remote LANs, as if you had a leased line between the two. It prevents
attacks on the traffic passed between the two LANs.

If your boxes have routable IP addresses, you probably are quite open to
attack. Especially since it doesn't sound like you've applied security
patches, see below.

Quote:

> I haven't done anything security wise beyond the install defaults
> (redhat level 3 & progeny debian standard installation).

Use the RedHat up2date tool and the debian apt-get tool to install
security updates. And do that regularly.

 
 
 

Does VPN provide adequate security for personal linux machine?

Post by Magnu » Sun, 13 May 2001 20:30:32


VPN is used to protect the traffic between to LAN's, it does this by
encrpyting the communication. You cannot use it while surfing the web,
it will not provide protection under those conditions. However, you can
with your router, configure a good packet filter, wich will stop most of the
attacks. But you should also stop all services that you do not intend to
provide,
and patch those that you want to provide. What will you be using your
machines
for ? Just getting e-mail, browsing the web.. then turning of nearly all
services would
be appropriate.

Magnus


Quote:

> I am using a cable modem (IP not fixed).  It is  connected to a DLink
> 701 and then to a switch to provide VPN(?) behind which I have my
> linux desktop, a laptop on win2000 and my wife's IMAC (I am waiting on
> the upcoming"Yellow Dog" release to convert this to linux).

> The important stuff is on my linux desktop machine. Would it be
> prudent to also add a firewall to the desktop or does the VPN provide
> reasonable security for a  personal machine?

> I haven't done anything security wise beyond the install defaults
> (redhat level 3 & progeny debian standard installation).

> I would like to be able to tinker with administration, ftp & telnet,
> etc between the machines on the private network without a lot of
> hassles.  But not at the expense of providing an easy target.

> Thanks for the input!!