Re: error msg

To: Giacomo Mulas <gmulas@ca.astro.it>
Cc: "Liu, GuangYu" <GuangYu.Liu@AP.ATT.com>, debian-security@lists.debian.org
Subject: Re: error msg
From: Phillip Hofmeister <plhofmei@zionlth.org>
Date: Tue, 30 Jul 2002 10:36:28 -0400
Message-id: <[🔎] 20020730143628.GA9900@zionlth.org>
Mail-followup-to: Giacomo Mulas <gmulas@ca.astro.it>, "Liu, GuangYu" <GuangYu.Liu@AP.ATT.com>, debian-security@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.44.0207300943360.4101-100000@capitanata.ca.astro.it>
References: <[🔎] 561AEC667E20D311A9450090274F6DB9E70A14@ATTAPABDCSYD> <[🔎] Pine.LNX.4.44.0207300943360.4101-100000@capitanata.ca.astro.it>

On Tue, 30 Jul 2002 at 09:51:19AM +0200, Giacomo Mulas wrote:
> 3) if you do need them (e.g. you need to export NFS file systems) restrict
> access to all of these relatively fragile services to trusted hosts, using
> hosts.allow, hosts.deny and/or firewalling.
> 
On his point I would like to add that I encourage everyone I talk to to involk
a strong filtering system on any Linux system directly accessable from the net.
I also encourage it on systems that are not directly accessable.  Internal hosts
can always get compromised.  A strong firewall ruleset will DROP everything and
allow only what is needed.

Regards,

-- 
Phil

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: error msg
  - From: Dale Amon <amon@vnl.com>

References:
- error msg
  - From: "Liu, GuangYu" <GuangYu.Liu@AP.ATT.com>
- Re: error msg
  - From: Giacomo Mulas <gmulas@ca.astro.it>

Prev by Date: Re: error msg
Next by Date: Some more port closing questions
Previous by thread: Re: error msg
Next by thread: Re: error msg
Index(es):
- Date
- Thread