[dundee] Fedora Core 3 htree error
Lee Hughes
toxicnaan at yahoo.co.uk
Sat Oct 13 03:22:32 BST 2007
I agree!
Andrew Clayton <andrew at digital-domain.net> wrote: On Sat, 13 Oct 2007 01:31:10 +0100 (BST), Lee Hughes wrote:
> overkill? lets see.
>
> iptables..
>
> better performance..
>
> better logging
>
> implement at kernel , not in a libwrap.a
>
> can control ICMP traffic, and other weirdo packets.
>
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/tcpwrappers.html
>
> quote.
> ''The added functionality of TCP Wrappers should not be considered a
> replacement for a good firewall. TCP Wrappers can be used in
> conjunction with a firewall or other security enhancements though and
> it can serve nicely as an extra layer of protection for the system.'
>
> if you want to argue with the freebsd guys, be my guest.
>
> ;-)
That's all very good.
When the only network service on your box is ssh, tcp wrappers for me
does the job.
The bad packet thing I can kinda see, but then again it's not caused me
any problems in oh, some 12 years or so. Linux is pretty resilient to
these things.
Of course I'm taking about my machine at home here, in a different
environment, I may consider extra layers, iptables, selinux etc.
Andrew
_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk
---------------------------------
For ideas on reducing your carbon footprint visit Yahoo! For Good this month.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/dundee/attachments/20071013/06b6de89/attachment.html
More information about the dundee
mailing list