On Tue, May 28, 2002 at 11:42:07PM +0100, Antony Stone wrote: > On Tuesday 28 May 2002 11:26 pm, Nick Drage wrote: > > On Tue, May 28, 2002 at 03:10:12PM -0400, Ramin Alidousti wrote: > > > On Tue, May 28, 2002 at 09:00:33PM +0200, Axel Christiansen wrote:
<snip> > I still think the best solution is to use a firewall which is *only* a > firewall (ie there are no services running on the machine which anyone > should be contacting), therefore any packets addressed directly to the > firewall itself are regarded as invalid, and can be DROPped. Ah yes, I was thinking more in terms of a "firewall" being a set of rules on a single host - I still forget what a general term it is :) <snip good stuff> -- FunkyJesus System Administration Team
