On Fri, Dec 13, 2002 at 09:25:02AM +0100, Javier Fern?ndez-Sanguino Pe?a wrote: > On Thu, Dec 12, 2002 at 04:18:17PM -0500, Raymond Wood wrote: > > There have been several responses to Yogesh's question, but none > > of them provide a clear and straightforward answer. > > Ok. Let me try again: this is a security risk. > > A gateway firewall _needs_ to be setup the following way: > > 0.- setup a default DROP policy, flush all policies > 1.- startup network interfaces (but w/o forwarding) > 2.- setup proper firewall rules > 3.- enable forwarding /etc/network/interfaces pre-up -- Pav ,., ,``:'', That your internet traffic is {o ! o} My GPG/PGP key is now available at vulnarable is NOT only a joke! ] -+- [ x-hkp://search.keyserver.net:11371. \ ! / `-' `shell$ gpg --keyserver x-hkp://search.keyserver.net:11371 --recv-key 164C028F`
Attachment:
pgpuf6yuh936P.pgp
Description: PGP signature