On Wed, 12 Feb 2014, Saso Kiselkov wrote:

> What services was the system providing? Was NTP one of them? If not,
> then why were you not running ipf? Always use layered defenses, minimize
> attack surfaces and don't assume services are configured properly out of
> the box, or that they are without bugs.

NTP is enabled for the purpose of local clock synchronization. SSH is the only other protocol enabled. The network firewall is very restrictive but does allow NTP and SSH to any host.

I agree with your ideas on defense, but when you are intentionally running a very heterogeneous network (as I do), there is not time available to learn the configuration details peculiar to each and every system. I do not enable any more services than are absolutely required.

Bob
--
Bob Friesenhahn
[email protected], http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/

_______________________________________________
OpenIndiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
