* Henrique de Moraes Holschuh ([email protected]) [110820 14:39]: > Yes. And we can easily maintain a current one for Debian-packaged software, > although the initial build of such a blacklist will take some work.
Actually, the existing interface net.ipv4.ip_local_port_range seems to work quite well. And there are so many ports that for most servers it seems acceptable to limit the outgoing ports to only a tiny portion of port numbers (like 1/4th or so). Andi -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
