Why admin's do not trust daemons to do their own packet filtering (was Re: Resuming the great cleanup)
Udo van den Heuvel
udovdh at xs4all.nl
Wed May 30 13:05:31 UTC 2018
On 29-05-18 17:44, Mark Atwood, Project Manager via devel wrote:
> There are a couple of different but very similar angles of approach to
> explain why a network security experts will not trust a userspace daemon to
> control it's own defensive packet filtering.
So what iptables (etc) filter rules would you suggest?
Stuff liek at
Rationale: simply leaving filtering out without suggesting an (better)
alternative is no good.
More information about the devel