[plug] Security

[John Summerfield]

> John Summerfield wrote:
> >
> > It's wise to apply all updates relevant to your system. For added security
> > you can also firewall yourself with ipchains (2.2 kernels and patched 2.0)
> > or ipfwadm (2.0 only). May require you rebuild your kernel with the
> > firewall support.
> 
> It's questionable whether firewalling off non-existent services will
> have any positive effect on the system's security.  The only situation
> where it might really be worthwhile would be if the service could be
> inadvertently switched back on.

I don't think I mentioned non-existent services. However, if one's using 
X-Windows in some form, there's a few ports above 6000 that should be 
blocked.

Quite likely you don't want the Evil Ones accessing your home webserver if 
you run one: it may not be dangerous, but it still chews bandwidth. 
Firewalling is one way of stopping spammers bouncing off your SMTP service.

In any event, prudent firewalling means blocking everything and allowing 
access to services you must.
-- 
Cheers
John Summerfield
http://os2.ami.com.au/os2/ for OS/2 support.
Configuration, networking, combined IBM ftpsites index.