while having a test box out there 'in the wild' accumulating data on currently-employed techniques for cracking hosts, methinks that functionality would be better suited to a separate host.
It is entirely possible that this functionality *is* on a separate host, but this is beside the point. The point being made that open ports do not necessarily constitute insecurity.
-- Benjamin Meade System Administrator LanWest Pty Ltd Ph: +61 (8) 9440 3033 Fax: +61 (8) 9440 3370
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
