On 12/06/2012 10:41 AM, Les Mikesell wrote:
On Thu, Dec 6, 2012 at 9:13 AM, m.roth@5-cent.us wrote:
Disabling selinux, or at least setting it to permissive, I agree with. Turning down your firewall?! Anyone suggesting that is, IMO, either a) clueless, or b) a malware user/vendor trying to make life easier. Can anyone think of any other possibilities?
Someone with good site and subnet-level hardware firewalling. And a good feeling that all the bad guys are on the other side of the firewalls.
Which I have. A Juniper branch firewall that I was given for testing purposes. And I am subnetted up the gazoo; I have a 64 address CIDR allocation that I have subnetted to /29s and /28s. I also use RFC1918 extensively. Afterall, I am one of its authors :)