Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

filtered ports



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 2 Nov 2001, Tim Lyons wrote:

> On Fri, 2 Nov 2001, Matthew J. Brodeur wrote:
> <SNIP>
> >    I personally would remove ipchains completely on a system like this,
> > but that's up to you.
> >
> </SNIP>
>
> I have to ask - why?  If you can add an additonal layer of protection to
> your system by ensuring that no unintended services can operate - then
> what's the harm?

   Since this is a Red Hat 7.1 system it should have BOTH iptables and
ipchains installed.  IPTables provides all of the functionality of the
older ipchains and more.  Having both installed doesn't make a lot of
sense, especially considering that only one can be used at any time.
   I didn't mean to imply that host based firewalling was a bad idea or
that the tools to do so should be discarded.  In this case it's simply a
matter of clearing away needless clutter.


- -- 
     -Matt

Computer programmers know how to use their hardware.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE74uycc8/WFSz+GKMRAujOAJ9Oe7DntB5GNNxb9ZKmHHbg8AP7wACfd/xH
D8zteN+yCM6mFmFxLe59Gv8=
=IMBd
-----END PGP SIGNATURE-----





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org