On 10 Jun 2001 17:27:11 +1100, Les Bell wrote:
>
> >>
> I know iptables is still relatively new, but it addresses SNAT and DNAT
> (source and destination)
> as well as MASQUERADING. This maybe the first cross-over to the iptables
> rules.
> <<
>
> Yup. I haven't done any serious work with iptables, so I'm hoping for some
> suggestions here. . .
OK. I am in that "cross-over" stage myself, but I will send you any
suggestions I get.
> >>
> In 3.4.2, are you looking at port forwarding, or more of a load
> balancing issue?
> I would assume that its load balancing based on the plural of servers.
> This task may need to be reworded for better understanding.
> <<
>
> I assumed that it was port redirection on the same host, e.g. the way you
> can configure ipchains to redirect outgoing datagrams addressed to TCP port
> 80 to go to squid on the firewall, thereby implementing transparent
> proxying. It's not clear what is meant here. Port forwarding would require
> the ip_port_fw module. . .
Okay. This might need to be reworded a bit more carefully, particularly
after checking
out the iptables setup now. The iptables setup no longer uses the
ip_port_fw module,
at least in 2.4+ kernels.
> >>
> The appears to be based on wu-ftp configuration.
> <<
>
> It seems to be a "de-facto standard" of sorts. Once you start adding in
> Pro-FTPD, etc. where do you stop?
True. That is why I wondered if this was going to be "set in concrete"
so to speak.
The only concern I would have is that more people are turning to proftpd
and similar
due to previous holes in wu-ftpd. I realise we probably do need one
"standard" package
for the certification though, and wu-ftpd probably would be the most
appropriate.
> >>
> Also look at other forms of root "denial" including:
>
> /etc/nologin
> /etc/securetty
>
>
> or were these included in LPIC I (I cant remember?)
> <<
>
> I'll check. At first glance, I'd assume those should be Level 1.
I would think they were LPI I.
Regards
Jonathon
--
This message was sent from the lpi-examdev mailing list.
Send `unsubscribe lpi-examdev' in the subject to [EMAIL PROTECTED]
to leave the list.
