On Tue, Aug 21, 2001 at 11:12:55AM -0400, dman wrote: > | exim install It's good to have an MTA (not necessarily exim, although it's what I would use) on every box to handle outgoing mail (e.g., snort mailing you a report that something funny is going on). You should modify /etc/init.d/exim and /etc/inetd.conf to prevent connections to port 25, though, unless the box is intended to be a mailserver. Outgoing mail should only require command-line access to the MTA.
> | nfs-common install > | nfs-server install I assume that portmap is also installed if these are present. Remove it, too. Especially on a firewall. > | xfree86-common install > | xlib6g install > | xlibs install These are arguable. You really don't need (and therefor shouldn't have) an X server on a firewall, but it can be useful to have the ability to run X apps remotely. -- With the arrest of Dimitry Sklyarov it has become apparent that it is not safe for non US software engineers to visit the United States. - Alan Cox "To prevent unauthorized reading..." - Adobe eBook reader license
