Routers are only good for stopping inbound connections. For outbound, you need a software firewall with a flexible rules set you can easily control. This is to keep any unauthorised outbound connections you or someone on the network may have due to a compromise.
I highly recommend running some type of IDS (intrusion detection system) on your linux box to help with security.
Routers can be easily bypassed with the use of exploits (there are several methodologies in which this can be done, such as layering.) and if you or someone on the network is compromised, an unauthorized outbound connection is very likely, most likely being that of some type of reverse connection to defeat the NAT. This is where a software firewall would serve you well. Sitting behind a router alone is not good enough, regardless of whether or not you are forwarding ports or running server(s) You might feel pretty safe, but as I said, they can be easily bypassed.
Exploits are very complex, and there are ways to effectively scan and attack while initiating IDS and firewall evasion.
Scanning for root kits on a regular basis is a good idea, as is monitoring traffic with tcpdump. A firewall helps, and an IDS is neccessary, because it monitors everything from port scanning, to port binding, to shell injections, it goes on and on.
Here are some links to a couple of good IDS’s you might want to look at.
snort.org/
lids.org/
Here are a couple of links for some software firewalls for linux.
sourceforge.net/projects/xfwall/
firehol.sourceforge.net/
Firehol is pretty good as it utilizes sniffing, and works to help you control your iptables.
You remember I mentioned to you about iptables before? You can control access from remote ip’s and ip ranges with your iptables.
Tcpdump should already be installed on your Slackware system.
For more information on tcpdump, you can go here.
erg.abdn.ac.uk/users/alastai … p.html#use
All these things are pretty much essential if you truly want to feel secure.
I can’t stress to people enough on the fact that you can not afford to take security lightly, but when it comes down to it, it’s really all up to you.
You may think, well I don’t really do much, and I don’t place myself in places where I might be targeted, but that is naive. Tons of hackers scan random ip ranges looking for a vulnerable machine. A lot of times a hack is nothing more than a random opportunity.
Anyways, you know what I do hitest, and you can take it for what it’s worth
Cheers all.