You guys are trying to make it sound like running a Linux machine on the public Internet is some kind of nightmare of "lions and tigers and bears" and that depiction couldn't be farther from the truth. I've been running Linux machines connected to the public Internet since 1994 and only once has a machine ever been broken into (and that was due to *my* laziness, nothing that was the fault of the operating system -- it was also 8 years ago, and yes, I did track down who did it, it was some kid and his friend in Florida. I'm in Kansas). In short, if you keep up to date with security patches, turn off non-essential services, and make conservative use of things like tcp_wrappers and iptables, you really don't have a lot to worry about. The only other suggestion I can make is to use the AllowUsers directive in /etc/ssh/sshd_config. You're not connecting an unpatched Windows machine to the Internet, you're connecting a secure Linux machine to the Internet. These days with things like the yum auto-update service available, you really have to go out of your way to leave your machine open to attack. I'm sure that some naysayer is going to come along and disagree with everything I've just said, and that's to be expected on a large mailing list. I'll say in advance that whatever rebuttal is posted is a bunch of hogwash and fear mongering. :-P I think you'll enjoy running your own Internet presence and I encourage you to take the plunge. :-) -- Chris "I trust the Democrats to take away my money, which I can afford. I trust the Republicans to take away my freedom, which I cannot."
