On Sat 18 Aug 2018 at 17:55:50 +0200, john doe wrote: > On 8/17/2018 7:35 PM, Brian wrote: > > On Fri 17 Aug 2018 at 19:16:07 +0200, john doe wrote: > > > > > Also, a server without firewall capibility should never be facing > > > internet. > > > > Why? "never" seems a little strong. Mine does; what's the problem? > > > > Given the fact that the OP want's to use fail2ban and has at least two > services running on his public host (apache, ssh) it was a reasonable guess > to stress out that a firewall is a must in his situation.
There it is again - "must". > > I can not talk about your server configuration because I don't know anything > about it! :) exim on port 25; openssh-server on port 22. Never used netfilter. > In general, the requirements for firewalling a public host depends on the > environment and other factors. > Googling this topick will show that there is no formal answer. The penultimate sentence more or less accords with my view too. In other words - there is no "must" about it. -- Brian.
