"Steve Wolfe" <steve(at)iboats(dot)com> writes:
> > Previous to version 7.1, RHL wasn't very secure by default. This is one
> of
> > the most common complaints I hear. 7.1 can be made quite secure out of
> the
> > box without any special config -- just leave the firewall config at the
> > default of 'HIGH' -- of course, I've now heard complaints that it is then
> > 'too secure' :-).
>
> Myself, I'd prefer that they'd just leave the insecure services off by
> default, rather than using a firewall as a "band-aid". ; )
ALmost all services are off as well. Openssh is on, sendmail is on
(but only accepts connects from the local machine), portmap is on and
that's about it.
--
Trond Eivind Glomsrød
Red Hat, Inc.