Re: Iptables firewall
On 22 Jul 2004, jmm wrote:
> Thanks Daniel
No problem. Sorry that you have had these problems. :)
> Even though tiger does not show errors and debsums cannot check /bin, I
> decided I am going to do a complete reinstall -again-- since aide (for
> some reason), reports files changes in /bin /dev and other places. I
> don't know how to trust this report is until I learn more about aide.
That sounds like a good idea; better safe than sorry.
For what it is worth, I tend to do my system builds either behind a
known-good firewall, or without a network connection, and then make sure
any daemons are turned off while I connect to a network and update to
the latest security patches.
Oh, and in an on-topic thing, I tend to get 'firehol' installed as the
first service after sshd, and set up to 'outbound only' rules while I
get the rest of the thing right.
There is censorship in this country, all right, make no mistake about that,
but also make no mistake about its source...While the government will not
censor, apparently the networks will. The irreparable damage to the public is
all the same.
-- Nicholas Johnson, Federal Communications Commissioner,
_New York Times_, (April 8, 1969)