Gentoo Archives: gentoo-security

From: mickey@×××××××××.us
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 16:55:35
Quoting "Thomas T. Veldhouse" <veldy@×××××.net>:
> > In "closing" ports, one has the option - nay one is recommended - to > > use the "DROP" target which has the desired effect of which you speak. > > It is probably a very good idea to actually REJECT ident (113/tcp) lookups > rather than drop them. It is very common to have reverse ident lookups do > to your activity, and a DROP will cause a delay that is not needed. This > particular item is normal and not a security concern in and of itself. As a > matter of fact, it is so common, it is good to not even log it.
Good advice. I will heed it. So, accept 113/tcp and ICMP packets. Anything else? Oh, a judicious use of "--limit" may also be a good idea. dreamwolf -- gentoo-security@g.o mailing list