[time] Other traffic to strange ports (was: Re: ICMP pings and ntp)

[der Mouse]

> I'm a retired computer geek who spent his life doing things that had
> nothing to do with networking [...].,  When I retired I put up a
> couple server systems, and immediately got creamed [...] because of a
> sloppy (newbie) install of RedHat 6.  So I [started putting up router
> blocks of various sorts].

> And y'all are actually OK without all this?  Interesting.

So far, as far as I can tell, I am.

However, I've been a sysadmin, including networking, for most of my
career, so I have a reasonably good feel for what's good for what, and
what I need to run under what circumstances.  A new install starts with
everything turned off, with various things turned back on as necessary;
the experience means that I don't run into "um, I don't know what this
is, but it doesn't work without it, so I better leave it on" much - and
if I *am* in that circumstance, it stays off until I have learned
enough to make an informed decision.  (Which may mean moving the
machine to the non-routed portion of the house LAN, if I decide the
service is one I want but the exposure is too much.)

I also tend to push the security/convenience tradeoff further in the
security direction than many people.  For example, I do not even _have_
a way into my house LAN from the outside when I don't have one of my
machines with me with an ssh key something inside trusts.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse at rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B