[time] Other traffic to strange ports (was: Re: ICMP pings and ntp)
Sat Dec 5 21:39:18 UTC 2009
> I'm a retired computer geek who spent his life doing things that had
> nothing to do with networking [...]., When I retired I put up a
> couple server systems, and immediately got creamed [...] because of a
> sloppy (newbie) install of RedHat 6. So I [started putting up router
> blocks of various sorts].
> And y'all are actually OK without all this? Interesting.
So far, as far as I can tell, I am.
However, I've been a sysadmin, including networking, for most of my
career, so I have a reasonably good feel for what's good for what, and
what I need to run under what circumstances. A new install starts with
everything turned off, with various things turned back on as necessary;
the experience means that I don't run into "um, I don't know what this
is, but it doesn't work without it, so I better leave it on" much - and
if I *am* in that circumstance, it stays off until I have learned
enough to make an informed decision. (Which may mean moving the
machine to the non-routed portion of the house LAN, if I decide the
service is one I want but the exposure is too much.)
I also tend to push the security/convenience tradeoff further in the
security direction than many people. For example, I do not even _have_
a way into my house LAN from the outside when I don't have one of my
machines with me with an ssh key something inside trusts.
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse at rodents-montreal.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
More information about the pool