On Tue, Jul 01, 2003, Shachar Shemesh wrote about "Re: Snort - iptables addon": > The bottom line is this - if you have no open source, why do you care > whether you are scanned?
Paranoids (like me, for example) use several lines of defense. For example, here are 3 lines of defense: 1. Run no listening services outside 127.0.0.1 2. Make sure all your installed software is up-to-date 3. Run a firewall preventing any incoming connections, scans, etc. The idea is that even if I mess up one thing, e.g., forget one service open, or forget to upgrade some package, or mess up my firewall settings, I still have two other "lines of defense" protecting my home computer. Obviously, protecting a major server (which is intended to have many open ports and used by several people) is quite a different thing. -- Nadav Har'El | Tuesday, Jul 1 2003, 1 Tammuz 5763 [EMAIL PROTECTED] |----------------------------------------- Phone: +972-53-245868, ICQ 13349191 |Guarantee: this email is 100% free of http://nadav.harel.org.il |magnetic monopoles, or your money back! ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
