On Wednesday 05 March 2003 22:08, Lorne wrote: > On Wednesday 05 March 2003 12:38 pm, Todd Lyons wrote: > > > > PLEASE PLEASE! DO NOT MAKE THE FIREWALL SERVE A BUNCH OF SERVICES! > > Try the converse on for size.
Don't restrict access to services on a machine because you should really do that on a separate machine. Wietse must have been misguided when writing TCP wrappers. Then try and answer these two questions. Is it really better to burn a hole in your wall for SMTP than it is to put SMTP on the gateway machine? Can I really get better security by permitting burning holes with persistent http tunnels than by installing a transparenet proxy on the gateway? Jim Tarvid
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
