* Henrique de Moraes Holschuh (h...@debian.org) [110820 14:39]: > Yes. And we can easily maintain a current one for Debian-packaged software, > although the initial build of such a blacklist will take some work.
Actually, the existing interface net.ipv4.ip_local_port_range seems to work quite well. And there are so many ports that for most servers it seems acceptable to limit the outgoing ports to only a tiny portion of port numbers (like 1/4th or so). Andi -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110820141725.gf15...@mails.so.argh.org
