Is my computer safe enough if I use just iptables?
Leonard Isham
leonard.isham at gmail.com
Fri Oct 15 13:52:12 UTC 2004
On Fri, 15 Oct 2004 14:43:40 +0100 (IST), VJ <vj at vijaygill.homelinux.net> wrote:
> Harry,
> Thanks a lot for your reply. I am using DROP policy by default, and
> just open the required holes in firewall (HTTP and SMTP only). This PC
> is not used for browsing at all. It is just a firewall + samba server +
> http server + smtp server + ftp server + MythTV recording +
> playing(both backend + frontend) + more little jobs.
> I do use DROP but I do not log REJECT. Should I do that?
Keep using drop. reject provides additional information to an attacker.
--
Leonard Isham, CISSP
Ostendo non ostento.
More information about the fedora-list
mailing list