[dundee] Fedora Core 3 htree error
Lee Hughes
toxicnaan at yahoo.co.uk
Sat Oct 13 01:38:06 BST 2007
overkill? lets see.
iptables..
better performance..
better logging
implement at kernel , not in a libwrap.a
can control ICMP traffic, and other weirdo packets.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/tcpwrappers.html
quote.
''The added functionality of TCP Wrappers should not be considered a replacement for a good firewall. TCP Wrappers can be used in conjunction with a firewall or other security enhancements though and it can serve nicely as an extra layer of protection for the system.'
if you want to argue with the freebsd guys, be my guest.
;-)
Andrew Clayton <andrew at digital-domain.net> wrote: On Sat, 13 Oct 2007 00:48:00 +0100 (BST), Lee Hughes wrote:
> hmm, lsattr huh! looks like it's doing ioctl's?!!
>
> what wrong with ls -l these days?
They show different things.
> you know r-x-rwx--x sort of format?
>
> by the looks of your post your in /proc when
> your running it? that's a bad idea.
>
> host.deny.. tcp wrapper, it's so old, I don't think
> it's even supported anymore..
On the contrary it's still very much in use.
> use iptables, it's for real men/women/aliens.
iptables is generally overkill for an end point machine. Remember this
not windows!
> Laters,
> Lee
Andrew
_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk
---------------------------------
For ideas on reducing your carbon footprint visit Yahoo! For Good this month.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/dundee/attachments/20071013/bbc8b5c1/attachment.html
More information about the dundee
mailing list