F29 Wail at the Firewall (long; sorry!)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

	In the words of the starlet, I try to be cynical [read paranoid] 
about security, but I just can't keep up. 

	I do some of my email and all of my Gmane activity (including 
this list) at the address above, from my local access provider, Comcast; 
but I do most of my email (and my wife does all of hers) at my own 
domain, to which we connect by ssh. 

	Recently we've been moving machines about physically, from floor 
to floor and connection to connection. We've also been getting lots of 
timeouts. When I asked my domain host about it, he told me it was my own 
firewall cutting us off.  It blocks connections out from our IP address 
if they fail more than it likes.

	I read -- no, I study, hard -- whatever security news comes 
across lists and sites I follow; I usually think I understand, more or 
less, what the hazard is. I think so this time. It seems the current 
default firewall is harder-nosed about failures to connect than it was; 
afaict, *we* are doing little if anything different. 

	But in all my years running Linux (since RedHat 7), I have not 
become savvy about writing nor editing code, any more than I've become a 
motor mechanic by driving (since about 1955 or so). I understand that it 
is necessary to throttle any malware that might try to call home; so I 
shouldn't just comment out whatever does the blocking, even if I knew 
where it was. 

	So, I THINK, I ought to enlarge  a/o lubricate the opening in the 
firewall that lets US out, but not make it any easier than I can help for 
supposed malware to get out. Does that make sense?

	If so, where do I go (i.e., what file do I open), and what 
changes do I make, to accomplish that?

-- 
Beartooth Codger, Not Quite Clueless 
Remember I know little (precious little!)
of which way is up.

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux