outgoing port block on fedorapeople.org

David Nalley david at gnsa.us
Mon Aug 2 19:51:35 UTC 2010


On Mon, Aug 2, 2010 at 3:43 PM, Dennis Gilmore <dennis at ausil.us> wrote:
> On Monday, August 02, 2010 02:28:22 pm seth vidal wrote:
>> Hi,
>>  Mike
> noticed that someone had setup an irc bot running on
>> fedorapeople.org
> talking to an irc channel that was not remotely fedora
>> related. Even if it
> had been fedora-related it's still not something we
>> want running
> fedorapeople.org. I put in an outgoing port reject to
>> things bound to
> 6667. I'll work on a slightly better option soon but I
>> wanted to let
> everyone know about this and ask if there were any other
>> suggestions on
> how to best block this sort of thing.
>>
>> Thanks,
>> -sv
>
> for fedorapeople i
> think its fine to block all outbound communications except for those related
> to established inbound connections on the ports of services we run.
>
> Dennis

+1 -  given how freely access is granted it only makes sense.


More information about the infrastructure mailing list