On Sat, Oct 2, 2010 at 9:11 PM, Tim <ignored_mail...@yahoo.com.au> wrote:
> On Fri, 2010-10-01 at 19:06 +0530, Jatin K wrote: > > what is the perfect way > > > > only host.allow or host.deny file > > > > or only iptables ?? > > One could argue that this is no "perfect" way. And that multiple > efforts to protect yourself is the best way. > > Personally, I'd deny all, and just allow the known address. Then do the > same with the firewall rule. Though, I wouldn't allow telnet, at all. > Are you sure you need it? > > -- > [...@localhost ~]$ uname -r > 2.6.27.25-78.2.56.fc9.i686 > > Don't send private replies to my address, the mailbox is ignored. I > read messages from the public lists. > > > > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Big agree with this. It's called defence in depth. However every security decision must be made while considering the trade-offs. Tradeoffs are the possible negative affects of having such strong security, and the most common one is having the security you implemented turn against it's purpose, blocking authorised and identified users.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
