Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

filtered ports



On Fri, 2 Nov 2001, Matthew J. Brodeur wrote:
<SNIP>
>    I personally would remove ipchains completely on a system like this,
> but that's up to you.
> 
</SNIP>

I have to ask - why?  If you can add an additonal layer of protection to 
your system by ensuring that no unintended services can operate - then 
what's the harm?

I persoanlly setup IPCHAINS, wrappers (when possible), and application 
ACL's (when possible) to reduce the chance of someone explioting my box or 
- more likely - me inadvertantly leaving a service running or having 
it externally accessed while testing.

Just my $.02...

--Tim






BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org