I neglected to mention that I ALWAYS deny everything first.
Daniel
Jose Luis Hime wrote:
>
> I believe it is safer to specify a DENY rule as default, then allow access
> to who you want.
>
> Otherwise, you will know about security problems only after an atack.
>
> Regards,
> Hime
>
> At 15:40 03/02/00 +1100, Daniel Zeaiter wrote:
> >I wrote in on this subject a few days ago, and I got very many helpful
> >suggestions. Thankyou to those people. However I think RTFM has paid
> >off. I think I've found a way to only let internal network hosts
> >(192.168.1.0/24) to access my FTP server. I just need someone to tell me
> >if this is totally secure.
> >
> >Bear in mind, I've had friends testing it, and none of them can get in,
> >whereas all the internal hosts can.
> >
> >ipcahins -A input -s ! 192.168.1.0/24 --destination-port 21 -p tcp -j
> >DENY
> >
> >Any suggestions\improvments would be welcome!
> >
> >Buenos Dias,
> >Daniel.
> >
--
Daniel Zeaiter
E-Mail: [EMAIL PROTECTED]
Phone: 0408 242 500
ICQ: 16889511
Website: homepages.ihug.com.au/~mdzeater
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
