At 1/15/2002 03:30 PM -0800, you wrote: >But you can also restrict access to hosts in the ipchains/iptables scripts. >I use tcpwrappers also, but technically, I think it is correct, if you >blocked access at the firewall level, the request would never be seen by the >tcp wrapper daemon. ipchains and iptables happen at the kernel/networking >layer. Isn't this correct?
Correct. But defense in depth is your friend. Someday you may break your packet filter, or configure it improperly by mistake. Someday there may be a bug in the code that allows people to get through. Any second line of defense is useless *until* that happens... then it's priceless. -- Rodolfo J. Paiz [EMAIL PROTECTED] _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
