--On Sunday, August 21, 2011 2:51 AM +0100 Always Learning <[email protected]> wrote:
> I am acutely conscious of being locked-out. I can get in remotely via > the console. However the very first entries in every server's iptables > have always been to allow 3 static IPs access. 3test comes later on in > the sequence, ensuring what happens there should never lock me out. To reduce the attack surface, create a script that can only update that subtable with a supplied IP address and then invoke it by sudo. _______________________________________________ CentOS mailing list [email protected] http://lists.centos.org/mailman/listinfo/centos
