[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Is my computer safe enough if I use just iptables?



On Fri, 15 Oct 2004 14:43:40 +0100 (IST), VJ <vj vijaygill homelinux net> wrote:
> Harry,
>   Thanks a lot for your reply. I am using DROP policy by default, and
> just open the required holes in firewall (HTTP and SMTP only). This PC
> is not used for browsing at all. It is just a firewall + samba server +
> http server + smtp server + ftp server + MythTV recording +
> playing(both backend + frontend) + more little jobs.
>   I do use DROP but I do not log REJECT. Should I do that?

Keep using drop.  reject provides additional information to an attacker.

-- 
Leonard Isham, CISSP 
Ostendo non ostento.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]