[TriLUG] iptables and opening a port

[Christopher L Merrill]

Joseph Tate wrote:
> In RHL 9, the lokkit program was rewritten and renamed 
> redhat-config-securitylevel.

Hmmm...can't 'locate' that at all...maybe our RH9 upgrade didn't install
it (we try to keep a minimum configuration, perhaps that was removed?).

> I'd recommend always blocking unused ports even when behind a firewall.  
> All it takes is one compromised laptop brought in from home to get into 
> your "crunchy on the outside, soft and chewy in the middle" network.

I agree.  However, while it is more secure this way, it's not very useful
if we can't access CVS :(

C

-- 
-------------------------------------------------------------------------
Chris Merrill                      |  http://webperformanceinc.com
Web Performance Inc.               |  http://webperformancemonitoring.net

Website Load Testing, Stress Testing, and Performance Monitoring Software
-------------------------------------------------------------------------