On Tue, May 29, 2001 at 10:50:07AM +0200, kjfsgjks ksjgkfhfd wrote: > Hi, kjfsgjks: You probably have a real name. Why not use it? > I have a question which has been bothering me all along, with windows / > linux / *bsd / etc. In this case, it's about Debian so I thought I'd post my > question here. > Right now I have a linux-box (Debian 2.2r2) doing my > masquerading/firewalling. It has a dynamic ip (and changes quite often, like > 3 times a day). It runs all the latest patches, no services except for sshd > (for internal hosts) and identd (which is open for external connects. yeah I > know I shouldn't, but I need it). > > I have a firewall set up (ipchains in this case), which blocks just about > anything incoming, except for the high ports (for ftp) and identd. Are your users using passive mode FTP? If so, then you can block off the high port numbers too. Just my 2p worth.... ...snip... > > Tubby -- Karl E. Jørgensen email@example.com www.karl.jorgensen.com ==== Today's fortune: Facts are stubborn, but statistics are more pliable.
Description: PGP signature