On 16-07-2011 18:13, Andrea Scarpino wrote: > Technically this is what we did: without tcp_wrappers every input is accepted > now. I'd say that if not using iptables most input was already being accepted anyway so not supporting tcp_wrappers at all will make users more aware of what is allowed in. > You've to setup iptables to deny all input and accept only what you need. I > never used iptables before, but now I find its syntax really simple, and > powerful. And while you are at it you might want to consider restricting the allowed outbound ip/ports for good measure ;) -- Mauro Santos
