On Sun, 23 Apr 2006, Jason Boxman wrote:
> On Sunday 23 April 2006 06:27, steve szmidt wrote:
>> On Sunday 23 April 2006 01:23, Eben King wrote:
>>> Yup, iptables is flexible and powerful. But if hosts.deny can do what I
>>> need (i.e. stop this user from getting web pages), I see no need to set
>>> it up. It's just a residential machine.
>>
>> One more note. There is no such thing as just a residential machine. There
>> are machines who one does not care if it is hacked twice a day and wiped
>> out twice a week, and those where you for whatever the reason, do not want
>> to have to waste time on.
>
> Absolutely.
>
> While we're at it, why don't we set up a dedicated firewall
Heh. I had a spare 486 that I slapped a couple ISA NICs in and called it a
router. Ran 2.2 w/ iptables very well. It logged by sending messages to
syslogd over the LAN. Quite handy having your firewall logs on your own
machine.
> a deny by default policy, ...
Didn't have that...
-- "Never go off on tangents, which are lines that intersect a curve at only one point and were discovered by Euclid, who lived in the 6th century, which was an era dominated by the Goths, who lived in what we ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:42:22 EDT