[techtalk] Re: ipchains
phaedrus at thereactor.cleptoscastle.com
Mon Mar 20 17:52:03 EST 2000
On Mon, Mar 20, 2000 at 09:54:32AM -0500, Michael Carson wrote:
> Jeff wrote:
> > Sounds pretty good. The only cases where you might want to block out
> > specific ports with Ipchains is if you want to monitor a specific port
> > for abuse; like to watch if people are trying to DOS your win boxes on
> > one of the netbios ports (I don't think win98 is vulnerable to that
> > one... but I have little to no experience with that OS).
> Unless I'm really missing something here (possible, as I'm coming in late) I disagree. It would be common to, for example, want to be able for the outside
> to access things like SMTP, but not SNMP, as a trivial example...
SMTP would probably be one of the services allowed that she specifically
enabled. Everything else should be turned off and blocked.
-----BEGIN GEEK CODE BLOCK-----
GCS/M/>P d-(pu) s+:- a17>? C++(++++) L+++ UL++++@>$ P+ E--- W++@ N+ o? K++ w--- O? M V- PS+ PE(--)@ Y+@ PGP++ t+ 5 X++@ R++@ !tv@ b++ DI++++ D- G e- h! r% y?
------END GEEK CODE BLOCK------
My Public Key -- http://188.8.131.52/pubkey.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 248 bytes
Desc: not available
Url : http://linuxchix.org/pipermail/techtalk/attachments/20000320/18686544/attachment-0001.pgp
More information about the Techtalk