On 06-12-2012 15:41, Les Mikesell wrote: > On Thu, Dec 6, 2012 at 9:13 AM, <m.roth at 5-cent.us> wrote: >> >> Disabling selinux, or at least setting it to permissive, I agree >> with. >> Turning down your firewall?! Anyone suggesting that is, IMO, either >> a) >> clueless, or b) a malware user/vendor trying to make life easier. >> Can >> anyone think of any other possibilities? > > Someone with good site and subnet-level hardware firewalling. And a > good feeling that all the bad guys are on the other side of the > firewalls. Filtering Inbound Firewalls are generally useless if the user of the system doesn't know what they're doing. A lot of intrusions these days are the result of inbound policy permitted traffic in causing someone to initiate an outbound connection that gets them hacked.