Changeset 5628618e for postlfs/security/firewalling/busybox.xml
- Timestamp:
- 04/07/2003 09:14:53 PM (21 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, v1_0, v5_0, v5_0-pre1, v5_1, v5_1-pre1, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- b77b166f
- Parents:
- 0cfd5d9
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/firewalling/busybox.xml
r0cfd5d9 r5628618e 5 5 but in this case you want to offer some services to your intranet. 6 6 Examples of this can be when you want to admin your box from another host 7 on your intranet or use it as a proxy or a name server. Note: Outlining a true7 on your intranet or use it as a proxy or a name server. Note: Outlining a true 8 8 concept howto protect a server that offers services on the internet 9 9 goes far beyond the scope of this document, … … 49 49 -j ACCEPT</screen></para></listitem> 50 50 51 <listitem><para>Your caching -nameserver (e.g., dnscache) does its51 <listitem><para>Your caching name server (e.g., dnscache) does its 52 52 lookups via udp:</para> 53 53 <para><screen>iptables -A OUTPUT -p udp --dport 53 -j ACCEPT … … 66 66 querying an identd on your box for your username for logging. 67 67 Although there's really no harm in this, having an identd running is not 68 recommended because some implement ions are known to be vulnerable.</para>68 recommended because some implementations are known to be vulnerable.</para> 69 69 70 70 <para>To avoid these delays you could reject the requests
Note:
See TracChangeset
for help on using the changeset viewer.