On Sat, 2011-07-16 at 13:25 +0200, Rudi Ahlers wrote: > But, sadly google can't teach someone to start making their own > choices or to think for themselves Learning Linux/Centos on one's own, and without good text books, is a very daunting task even for those with over 40 years computer programming experience. I describe it as a steep learning curve but, as usual, I succeeded. Others may be confused and lack the background knowledge to put 'strange' things in context or to make sense of what seems illogical. Recommending a good elementary source for learning about Linux basics is probably more useful than criticism. IPtables can seem daunting when protecting a single machine but it is easy ONCE one discovers the logic and the necessary commands. On desktops which are also used as local servers (running Apache, Exim and VSftp) I create 3 virtual IP addresses one for each service and then allow in traffic which uses the allocated IP address and the correspondingly correct (and usually changed from default) port number. That is then followed by the applications own security settings. All these are subsequently IPT options. One of the first is the ability to impose a blanket ban on unwanted IPs. Because I'm lazy, I type ipt -nvL or sv ipt status (after all, the computer is supposed to work for the Human Being) -- With best regards, Paul. England, EU.