-----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Spiro Azkoul Sent: Friday, June 25, 2004 9:01 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: SUN RPC portmap Can anyone think of a reason to simple block SUN RPC via iptables rather than simply stopping the service if it is a mail/pop/imap/web server? Thanks It's normally referred to as "Defense-in-Depth". It is not recommended to rely on a single method of security for anything. If the attacker gets through the front line, it's always nice to know there is a second or third or fourth, etc, etc, layer of defense to stop them.
