I believe it is safer to specify a DENY rule as default, then allow access
to who you want.
Otherwise, you will know about security problems only after an atack.
Regards,
Hime
At 15:40 03/02/00 +1100, Daniel Zeaiter wrote:
>I wrote in on this subject a few days ago, and I got very many helpful
>suggestions. Thankyou to those people. However I think RTFM has paid
>off. I think I've found a way to only let internal network hosts
>(192.168.1.0/24) to access my FTP server. I just need someone to tell me
>if this is totally secure.
>
>Bear in mind, I've had friends testing it, and none of them can get in,
>whereas all the internal hosts can.
>
>ipcahins -A input -s ! 192.168.1.0/24 --destination-port 21 -p tcp -j
>DENY
>
>Any suggestions\improvments would be welcome!
>
>Buenos Dias,
>Daniel.
>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
