[H-GEN] Firewall configuration on a remote machine

[Stephen Thorne]

On 2011-02-09, gavin duley wrote:
> Should I be as paranoid as I am about installing shorewall on a remote
> system?  If I should avoid shorewall, what are my other options?
> (other than learning iptables).

Your best option:

Run exactly zero non-essential services listening for connections on
ips other than 127.0.0.1 or ::1.

-- 
Regards,
Stephen Thorne
Development Engineer
Netbox Blue