On Tue, 2008-11-04 at 11:33 -0700, Michael Torrie wrote: > Stuart Jansen wrote: > > As for your firewall problem, it's hard to debug a firewall without > > looking at _all_ rules. If you're comfortable giving us the entire rule > > set, run "iptables-save" and send us the output. > > I'm a bit unsure of why an administrator would be uncomfortable sharing > iptables rules. Perhaps the list of allowed ports is felt to be > sensitive. But those can be determined very easily by a would-be > hacker. Security by obscurity perhaps?
They can be determined by a persistent hacker, but that might set off alarms or trigger a re-evaluation. A little obscurity isn't a bad thing, so long as it is included with other good security practices. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
