On Mon, Mar 20, 2000 at 09:54:32AM -0500, Michael Carson wrote:
> Jeff wrote:
> > Sounds pretty good. The only cases where you might want to block out
> > specific ports with Ipchains is if you want to monitor a specific port
> > for abuse; like to watch if people are trying to DOS your win boxes on
> > one of the netbios ports (I don't think win98 is vulnerable to that
> > one... but I have little to no experience with that OS).
>
> Unless I'm really missing something here (possible, as I'm coming in late) I
>disagree. It would be common to, for example, want to be able for the outside
> to access things like SMTP, but not SNMP, as a trivial example...
SMTP would probably be one of the services allowed that she specifically
enabled. Everything else should be turned off and blocked.
--
Jeff
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/M/>P d-(pu) s+:- a17>? C++(++++) L+++ UL++++@>$ P+ E--- W++@ N+ o? K++ w--- O? M
V- PS+ PE(--)@ Y+@ PGP++ t+ 5 X++@ R++@ !tv@ b++ DI++++ D- G e- h! r% y?
------END GEEK CODE BLOCK------
My Public Key -- http://24.5.73.229/pubkey.txt
PGP signature
