DMZ, *scoff* real men (er administrators) don't need fancy firewalls,
iptables and some magic is good enough. But really this program is
great, I use it on all our linux servers. It works on BSD macOS X and
Debian (probably more but these are all I've access too). anyway, I'm
not gonna press the issue, but anyway it works great with toaster.
Dan
On Wed, 2007-01-31 at 22:14 +0300, Alexey Loukianov wrote:
> Greetings, Dan.
>
> 31 января 2007 г., 21:54:03 you have wrote:
>
> > Hello guys.
>
> > I've built a few toasters over the last year. I love the process, quick
> > and painless (at least till you need to modify spam settigns), anyway.
> > For the most part most people use a stock rpm based *nix and throw in
> > the toaster, which is what I do as well. the only software I add is a
> > small program called denyhosts. this thing is a real lifesaver. Before
> > using it I was getting upwards of 4000 break in attempts through ssh.
> > now I'm down to a handful a day. It's easy enough to install but maybe
> > you wanna think about including it? I know this will be just 1 more
> > thing to support, but it seems my mail servers get hit much harder on
> > ssh then my other servers. If not included maybe add it on the wiki, or
> > related product page. Just my 2 cents.
>
> Don't think that it's worth including in QT, as a can barely see the
> relation between normal administration tasks for server (like
> preventing intrusion) and the maintenance of qmail toaster codebase.
>
> Hadn't you tried to place your mail servers behind firewall/router
> box in DMZ, and to restrict connections to SSH only for internal
> subnet? Also, as a general measure, it is always wise to use other
> that standard 22 port for SSH, and to permit root plain text passord
> logins over it.
>
>
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
