Further adventures in Firewall upgrades

[Dustin Decker]

I'm gonna add my own touch of a rant here as well, but it's bound to be 
a short one.

In quickly browsing a list of the various packages and such that the 
Mandrake SNF post contained, I see someone breaking some serious "rules" 
in the firewall vein.  Firewalls are generally meant to be bastion 
hosts, with little or no services running on them.  Those that are 
present obviously need to be hardened.  In the event that you actually 
get this host up and running, I'm not all that sure I would trust it to 
provide signifigant security improvements.

Dustin

--
He who knows not and knows that he knows not is ignorant. Teach him.
He who knows not and knows not that he knows not is a fool.  Shun him.
He who knows and knows not that he knows is asleep.  Wake him.