[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Intrusion Attempts

Quoting Tim Haynes <debian@stirfried.vegetable.org.uk> on Tue, Dec 10 13:44:
> c) having to have no firewall, or extra holes in a firewall, in order to
>    detect a finite set of events seems daft when you could just be blocking
>    them already by default.

So don't poke extra holes in the firewall, but instead use portsentry
as a second layer of defense.  If for some reason the firewall totally
breaks (as it did once on a dist-upgrade), portsentry will be ready to


If A = B and B = C, then A = C, except where void or prohibited by law.

Reply to: