On Monday 19 November 2001 15:56, Pong wrote:
> there is an extra layer of protection. in case your server on an
> open port is exploited to force it to run a shell listening on
> another tcp port, the "input deny by default" rule will prevent the
> cracker from connecting to that new port. so in general it is good to
> block even the unused tcp ports because many remote exploits use that
> m.o.
thanks pong. that does help if they got in and only got a non-root
shell. of course, if they've got root then (as linus says in another
context), you're (or, in this case, i'm :) screwed anyway.
tiger
--
Gerald Timothy Quimpo [EMAIL PROTECTED] [EMAIL PROTECTED]
Entia non sunt multiplicanda praeter necessitatem
Mene sakhet ur seveh
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
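
The point made in the thread, as an added example that is not part of the original messages: under a default-deny input policy, a listener on a port no rule accepts cannot be reached from outside, and that same mismatch is a useful audit signal. The thread names no firewall tool, so the `iptables-save` rule format, the `ss`-style listener list and all sample data are assumptions constructed for illustration.

```python
import re

# Constructed sample in iptables-save format (assumption: the thread names no tool).
RULES = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
COMMIT
"""

# Constructed listener list (port -> process), e.g. gathered from `ss -ltn`.
LISTENERS = {22: "sshd", 80: "httpd", 443: "httpd", 31337: "sh"}

def input_policy(rules):
    """Return the default policy of the INPUT chain, or None if absent."""
    m = re.search(r"^:INPUT\s+(\S+)", rules, re.M)
    return m.group(1) if m else None

def allowed_tcp_ports(rules):
    """TCP ports that INPUT rules ACCEPT; only explicit --dport(s) rules are understood."""
    ports = set()
    for line in rules.splitlines():
        if not (line.startswith("-A INPUT") and "-p tcp" in line and line.endswith("-j ACCEPT")):
            continue
        m = re.search(r"--dports?\s+(\S+)", line)
        if not m:
            continue
        for item in m.group(1).split(","):
            lo, _, hi = item.partition(":")  # "6000:6010" is a port range
            ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def audit(rules, listeners):
    """Split listeners into those reachable from outside and those the policy blocks."""
    policy = input_policy(rules)
    allowed = allowed_tcp_ports(rules)
    # Without a DROP default policy, every listener is reachable.
    reachable = {p for p in listeners if p in allowed or policy != "DROP"}
    blocked = set(listeners) - reachable
    return {"policy": policy, "reachable": sorted(reachable), "blocked": sorted(blocked)}

if __name__ == "__main__":
    print(audit(RULES, LISTENERS))
```

A listener that lands in `blocked` is exactly what the default-deny rule is containing, and it is worth investigating why it exists. As the reply notes, this only holds while the intruder lacks root and cannot rewrite the rules.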