Why does anyone run a bridged network? Why does anyone expose their management ip ranges to the internet? Why does anyone not upgrade firmware to fix security vulnerabilities that are years old?
Shall I go on? :-) Justin Wilson j...@mtin.net www.mtin.net www.midwest-ix.com > On Mar 3, 2018, at 9:12 PM, Steve Jones <thatoneguyst...@gmail.com> wrote: > > Why does anyone have non acl input allow on infrastructure > > On Mar 3, 2018 3:39 PM, "Justin Wilson" <li...@mtin.net > <mailto:li...@mtin.net>> wrote: > Do the following. > > 1.Dont have it listen on public ports. > 2.IPtables if you must have it listen on public ports for whatever reason. > 3.Compile with libwrap and use tcpwrappers for the best security > > Justin Wilson > j...@mtin.net <mailto:j...@mtin.net> > > www.mtin.net <http://www.mtin.net/> > www.midwest-ix.com <http://www.midwest-ix.com/> > >> On Mar 3, 2018, at 12:13 PM, David M <dmilho...@wletc.com >> <mailto:dmilho...@wletc.com>> wrote: >> >> I block it on the input for any router we have. >> I havent considered doing for the forward table. >> >> On 3/2/2018 3:37 PM, Mike Hammett wrote: >>> You are blocking port 11211, right? >>> >>> >>> >>> ----- >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> >> >