Re: Questions on secure remote access to Fedora Core 2



On Sun, 29 Oct 2006, in the Usenet newsgroup comp.os.linux.security, in article
<pan.2006.10.30.03.18.33.775996@xxxxxxxxx>, C. J. Clegg wrote:

> 3. Disable outgoing telnet and FTP

All you are doing is blocking access to those well known ports. That doesn't
stop anyone from using telnet or ftp to access remote servers on non-standard
ports.

> 4. Log all other outbound activity EXCEPT: SSH going to three trusted
> networks; any SMTP, HTTP, DNS activity; any pings; any IMAP activity on
> the localhost.

This statement is ambiguous.

> I used DROP rather than REJECT because I don't want messages going out
> explaining why the connection is being rejected.

Care to expand on this?

Old guy
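
The point above about non-standard ports, as an added example that is not part of the original post: a destination-port rule is compared with a check on the first bytes the server sends, so telnet or FTP sessions that the port rule lets through show up in an audit. The flows, addresses, function names and the banner heuristic are all constructed assumptions.

```python
import re

# The "disable outgoing telnet and FTP" rule expressed as a destination-port block.
BLOCKED_PORTS = {21, 23}

# Telnet option negotiation: IAC (0xFF), then WILL/WONT/DO/DONT (0xFB-0xFE), then an option byte.
TELNET_NEG = re.compile(rb"^(?:\xff[\xfb-\xfe].)+", re.DOTALL)
# FTP-style greeting: reply code 120 or 220, a space or hyphen, text, CRLF.
GREETING = re.compile(rb"^(?:120|220)[ -][^\r\n]*\r\n")

def port_filter_allows(dst_port):
    """True when the port-based egress rule would let the connection out."""
    return dst_port not in BLOCKED_PORTS

def classify_server_bytes(payload):
    """Guess the protocol from the first bytes the server sent (heuristic)."""
    if TELNET_NEG.match(payload):
        return "telnet"
    # SMTP also greets with 220, so skip banners that name SMTP/ESMTP.
    if GREETING.match(payload) and b"smtp" not in payload.lower():
        return "ftp"
    return None

# Constructed sample flows: (destination IP, destination port, first server bytes).
FLOWS = [
    ("192.0.2.10", 23,   b"\xff\xfd\x18\xff\xfd\x20"),
    ("192.0.2.10", 2323, b"\xff\xfd\x18\xff\xfd\x20\xff\xfb\x01"),
    ("192.0.2.20", 2121, b"220 files.example FTP server ready\r\n"),
    ("192.0.2.30", 25,   b"220 mail.example ESMTP\r\n"),
    ("192.0.2.40", 80,   b"HTTP/1.1 200 OK\r\n"),
]

def audit(flows):
    """Return flows that look like telnet/FTP yet pass the port-based rule."""
    findings = []
    for ip, port, payload in flows:
        proto = classify_server_bytes(payload)
        if proto and port_filter_allows(port):
            findings.append((ip, port, proto))
    return findings

if __name__ == "__main__":
    for ip, port, proto in audit(FLOWS):
        print(f"{proto} to {ip}:{port} passed the port filter")
```
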