On Sep 24, 2004, at 9:57 AM, Jason Staudenmayer wrote:
Better yet do what I do and point every system to a dead-end and only allow
restricted proxy access to the web.
How is that "better" than what I suggested? You block all by default and only allow "trusted" traffic. If there is a proxy, of course you should use it (as I already said). Otherwise, if it's a necessary requirement of normal day-to-day activities, than you allow it statefully.
If you're in an environment where the only necessary outbound services are proxy-capable, more power to you. I guarantee you you're in the extreme minority.
-- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
