On Sat, Dec 07, 2002 at 09:10:55PM -0800, Paul Johnson wrote: > On Sat, Dec 07, 2002 at 09:20:08PM +0100, Frank Gevaerts wrote: > > What I would do (I don't since I have a dedicated firewall machine) is : > > - close all unneeded services > > Better yet, not just close, purge them. > > > - install a firewall that just drops any incoming connection from your > > cable-connected ethernet interface. (I would recommend using fwbuilder > > The security gained with this step is epsilon under Linux if you don't > have services that aren't needed installed.
Lots of services may be needed locally. Not every service is trivial to reconfigure to only use selected interfaces. Also, whenever you install some package to experiment with it, you have to be careful it doesn't liaten on your external interfaces. Frank > -- > .''`. Baloo <[EMAIL PROTECTED]> > : :' : proud Debian admin and user > `. `'` > `- Debian - when you have better things to do than to fix a system -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
