On Thu, Aug 23, 2001 at 12:09:38PM +0200, Giacomo Mulas wrote: > On Thu, 23 Aug 2001, Antropov Anton wrote: > > > >best to keep them as secure as possible), and ARE thus DISALLOWED TO > > >ESTABLISH ANY OUTGOING CONNECTION, to minimise the possible amount of > > >damage a break-in could cause. > > > > Sorry, what is purpose of this (see emphasized text)? > > May be disallowing relaying of any kind? > > Exactly. If one of the servers is broken into by a malicious cracker, > he/she will be unable to use it to attack anything else, in my network or > elsewhere. Moreover, he/she cannot realise that he/she can't do it until > he/she tries, and this will trigger some alarms on the firewall (which is > a separate, completely stripped down system with no services and can be > accessed only by root on the console) and I will quickly know something is > wrong. How do you send mail? -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Ltd. | than a perfect plan tomorrow. mailto:nnorman@micromuse.com | -- Patton
Attachment:
pgpw0si4x8YYu.pgp
Description: PGP signature