[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Yes i would love a copy of your rules as i have been meaning to lock down my box for ages, ipchains is used with 2.4 kernel, is that correct? On Monday 07 January 2002 23:01, you wrote:
hi mathew, 'linux complete' by sybex has excellent sections on networking, masquerading and firewalls - and its only 15 quid. my firewall principle is this - block everything from getting through the firewall. on ipchains use DENY and not REJECT because DENY drops the packet whereas REJECT sends back a response. then let through only the traffic you want - response to web page requests, email, newsgroups. finally i log everything which is being denied. then when you have a problem i.e. secure web pages are not working - then you can look at the packets which were rejected (ah! packets to port 443/https) - and then add a rule to allow them through. being this strict means that i don't worry too much about being connected nearly continuously at weekends - and also large overnight downloads are safe(r). if you want i could send a copy of the ipchains rules i use as an example. kev MATTHEW BROWNING wrote:Here's a happy New Year offer for you ;) I'm sure a few of you will have heard of this already since it has been going around a few MLs over the past week or so, but Sun Microsystems are advertising servers with "24 * 900 MHz UltraSPARC III Processors" on their website for less than eighty quid!!! The offending page is here: http://www.sun-catalog.com/partpricing.xml?site=GB_ENG&catalogue=FC&se ction=FC_SC&item=FC_SC_CAT&group=2&id=688 This becomes interesting because the Sale of Goods Act, here: http://www.lawnet.com.sg/freeaccess/SGA.htm may be interpreted to suggest an obligation for them to sell at that price if you place an order before they get wise to their error (which will be soon, I reckon). Have fun. MB. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.