On Sat, Jan 08, 2000 at 08:19:14PM -0500, Dirk Eddelbuettel wrote: > -- do we have a basic "hardening howto" document ?
Not yet. :) I'm in the process of building up a set of proxies for our firewall, and I will document what all I did to help harden the boxen. > -- how do keep services like time, talk, ... accessible "inside" (ie on eth1 > on 192.168.1.*) but _not_ to the outside world on eth0 ? I'm not sure, but doesn't xinetd allow binding to different addresses? Or, you can make a set of ipchain rules to do this... Tim -- (work) [EMAIL PROTECTED] / (home) [EMAIL PROTECTED] - http://www.buoy.com/~tps "It's easy to make a buck. It's a lot tougher to make a difference." - Tom Brokaw ** Disclaimer: My views/comments/beliefs, as strange as they are, are my own.**
