On 12/06/2012 10:57 AM, Les Mikesell wrote:
> On Thu, Dec 6, 2012 at 9:49 AM, Giles Coochey <giles@xxxxxxxxxxx> wrote:
>> On 06-12-2012 15:41, Les Mikesell wrote:
>>> On Thu, Dec 6, 2012 at 9:13 AM, <m.roth@xxxxxxxxx> wrote:
>>>> Disabling selinux, or at least setting it to permissive, I agree
>>>> with.
>>>> Turning down your firewall?! Anyone suggesting that is, IMO, either
>>>> a)
>>>> clueless, or b) a malware user/vendor trying to make life easier.
>>>> Can
>>>> anyone think of any other possibilities?
>>> Someone with good site and subnet-level hardware firewalling. And a
>>> good feeling that all the bad guys are on the other side of the
>>> firewalls.
>> Filtering Inbound Firewalls are generally useless if the user of the
>> system doesn't know what they're doing. A lot of intrusions these days
>> are the result of inbound policy permitted traffic in causing someone to
>> initiate an outbound connection that gets them hacked.
> And you expect someone to be better at stopping this with iptables and
> a 'howto' than dedicated hardware and vendor training/support?
And outbound rule writing is very hard, as you have to sniff out traffic
many times to figure out why an app is failing and then write a rule to
allow that app out.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
