[rescue] New acquisition... (AIX)

Kevin kevin at mpcf.com
Fri Apr 2 12:03:00 CST 2004

On Fri, 2 Apr 2004 12:01:20 -0600
"Jonathan C. Patschke" <jp at celestrion.net> wrote:

> It's all fairly simple and, more importantly, known quantities.
>  But,
> in Linux, you have abstraction violations like HTTP listeners
> (optionally) in the kernel.  You really have to stay abreast of
> what shiny new toy the developers tossed in there and make sure
> you don't accidentally turn it on.

That's why you begin from a "deny all/turn on only what you need"
position.  It's pretty hard to accidentally compile in
CONFIG_KHTTPD if you are starting off from the bare minimums.

Oh, and hope they don't
> change the firewall paradigm AGAIN[0], if you need to filter
> packets.

This was a  pain, i'll grant you that.  But that type of thing is
to be expected with any product that is/was growing at that rate.
 I've been using iptables since 2000 and love it.  I seriously
doubt it will change drastically anytime soon.


"Make it idiot proof and someone will make a better idiot."
keyserver: http://pgp.mit.edu/

More information about the rescue mailing list