On Mon, 10 Jan 2005 17:19:16 +0000, Luciano Miguel Ferreira Rocha
> Some server admins don't know how some protocols and applications work.
> And I wouldn't want to see FC4 being rated as slow or dysfunctional for
> network services by less knowledgeable admins,

I'm perfectly happy with those sorts of people running Gentoo. The educational issues around SELinux have already shaken out a good number of 'those' people. This change would be a minor perturbation in comparison, I think.

Of course there may be a default technical solution here... can a default ipt_recent rule set be constructed to target the most sensitive ports? Maybe it's most reasonable to do this to ssh and the imap/pop services? Maybe it's only reasonable to protect ssh by default? Lots of room to provide a default use of ipt_recent that strikes a compromise to off or on for all ports. I'm fine with incremental changes that turn this on for only ssh by default if this is the most reasonable compromise.

-jef
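
The ssh-only default raised in the message above, as an added example that is not part of the original post or any Fedora default: a shell function that prints iptables commands using the recent match for only the ports it is given. The function name, the per-port list names and the thresholds (4 new connections per 60 seconds) are assumptions.

```sh
#!/bin/sh
# Print iptables commands that limit NEW TCP connections per source address
# with the recent match (ipt_recent), only for the ports listed.
# Thresholds are assumed for illustration; they are not from the thread.
# HITCOUNT must not exceed the module's ip_pkt_list_tot (20 by default).
HITCOUNT=${HITCOUNT:-4}
WINDOW=${WINDOW:-60}   # seconds

recent_rules() {
    # Validate every port first so a bad argument yields no partial rule set.
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2; return 1
        fi
    done
    for port in "$@"; do
        # One list per port, so ssh attempts are not counted against imap/pop.
        list="recent_$port"
        match="-p tcp --dport $port -m state --state NEW -m recent --name $list"
        # Record the source address of each new connection to this port.
        printf '%s\n' "iptables -A INPUT $match --set"
        # Drop once the source reaches HITCOUNT hits inside WINDOW seconds.
        # --update refreshes the timestamp, so a client that keeps retrying
        # stays blocked until it has been quiet for the whole window.
        printf '%s\n' "iptables -A INPUT $match --update --seconds $WINDOW --hitcount $HITCOUNT -j DROP"
    done
}

# ssh only when run without arguments; "22 110 143" adds pop3 and imap.
recent_rules "${@:-22}"
```

The printed rules have to be placed ahead of whatever rule accepts the port, otherwise new connections are accepted before they are counted.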