Re: newbie firewall recommendation

To: debian-firewall@lists.debian.org
Subject: Re: newbie firewall recommendation
From: Bernd Eckenfels <lists@lina.inka.de>
Date: Thu, 5 Jun 2003 00:42:13 +0200
Message-id: <[🔎] 20030604224213.GA22320@lina.inka.de>
In-reply-to: <[🔎] Pine.LNX.4.44.0306041455190.10070-100000@in.theory.org>
References: <[🔎] 20030604214758.GA21688@lina.inka.de> <[🔎] Pine.LNX.4.44.0306041455190.10070-100000@in.theory.org>

On Wed, Jun 04, 2003 at 02:56:56PM -0700, Richard Cochinos wrote:
> (The 1551 ports scanned but not shown below are in state: closed)

netstat is much more reliable and faster.

Now you only need to make sure to keep your mail, web and ssh daemon up to
date. And there is noting a filter would help you here. Of course local
hardenign to the host like removing suid programs, unsing chroot jails or
SELinux and stuff like that can do some additional risk midigation, see for
example my hardening collection:

http://www.freefire.org/lib/hardening.en.php3

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to:

References:
- Re: newbie firewall recommendation
  - From: Bernd Eckenfels <lists@lina.inka.de>
- Re: newbie firewall recommendation
  - From: Richard Cochinos <richard@theory.org>

Prev by Date: Re: newbie firewall recommendation
Next by Date: Re: newbie firewall recommendation
Previous by thread: Re: newbie firewall recommendation
Next by thread: Re: newbie firewall recommendation
Index(es):
- Date
- Thread