On Sunday 25 February 2007 19:58, Grant wrote: > It occurred to me that if the shorewall firewall on my headless router > doesn't start for whatever reason, I'll be totally exposed. Is there > a way to protect against that?
Well, you'll get an error during boot that iptables did not come up. I assume that shorewall is only run when you change the script and otherwise /etc/init.d/iptables is run as a default service after boot. Anyway, a closed port remains closed whether a firewall is running, or not. An open port is hopefully protected by decently strong passwds/authentication mechanisms. -- Regards, Mick
pgpLipKbfS30d.pgp
Description: PGP signature
