Alexander Skwar wrote:
Ryan Tandy wrote:
you're running a firewall of some kind (and you'd be crazy not to for
any publicly accessible box),
Actually, I'd disagree. If only the necessary publicly accessible services
are running on a box, what good should a "firewall" (I suppose you mean
packet filter, like iptables) do? The only useful measure I can think about
is to do rate limiting. But what else?
Alexander Skwar
Point taken, and agreed with. I retract the "crazy not to" part;
however, some netfilter/iptables features can be very handy in limiting
access to said services (e.g. dropping all SSH connections not coming
from your IP).
I guess sometimes my Windows days do come back to haunt me... ;)
--
gentoo-user@gentoo.org mailing list