[techtalk] Re: ipchains

[Jeff]

On Mon, Mar 20, 2000 at 09:54:32AM -0500, Michael Carson wrote:
> Jeff wrote:
> > Sounds pretty good.  The only cases where you might want to block out
> > specific ports with Ipchains is if you want to monitor a specific port
> > for abuse; like to watch if people are trying to DOS your win boxes on
> > one of the netbios ports (I don't think win98 is vulnerable to that
> > one... but I have little to no experience with that OS).
> 
>     Unless I'm really missing something here (possible, as I'm coming in late) I disagree.  It would be common to, for example, want to be able for the outside
> to access things like SMTP, but not SNMP, as a trivial example...

SMTP would probably be one of the services allowed that she specifically
enabled.  Everything else should be turned off and blocked.

-- 
Jeff
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/M/>P d-(pu) s+:- a17>? C++(++++) L+++ UL++++@>$ P+ E--- W++@ N+ o? K++ w--- O? M V- PS+ PE(--)@ Y+@ PGP++ t+ 5 X++@ R++@ !tv@ b++ DI++++ D- G e- h! r% y?
------END GEEK CODE BLOCK------

My Public Key -- http://24.5.73.229/pubkey.txt 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 248 bytes
Desc: not available
Url : http://linuxchix.org/pipermail/techtalk/attachments/20000320/18686544/attachment-0001.pgp