[sf-lug] update from computer newbie

[Rick Moen]

Quoting John Lowry (johnlowry at gmail.com):

> Okay, I know what I am about say is going to be in the ball park, but
> specifics might be *off*.

Nah, far as I can see, you're dead-on.

> For your firewall, you do not need to leave any services open for
> incoming traffic below port 1023. I might be off by one, I forget.
> Anyway, those are all services that daemons that are serving will use.

Here's a wacky metaphor, off the top of my head:  Your house is on a
corner lot, and it came with a half-dozen fruit stands arrayed around
the edges of the property.  For reasons that pass understanding, your
kids keep all those fruit stands stocked with grocery-store purchases
from your kitchen.

You have no actual desire to be in the fruit-selling business, and don't
staff those facilities; you're just a homeowner, trying to enjoy your
place.  In consequence, random people off the street are stealing you
blind.  Your fruit bill is enormous.

The firewall remedy says:  Erect a nasty chainlink fence with razor wire
all around your property line, to prevent people from stealing piles of 
merchandise (the fruit) from your front yard.

My "don't _run_ those network services, then" alternative approach says:
Tell your kids to stop putting fruit out there.  In fact, take down the
booths so you can have a lawn for a change.

This is Linux:  You're in charge.  

(Again, I hope somebody's forwarding all this stuff back to Jeff Gibson
-- or just tell him to do the obvious and join the mailing list, if he 
wishes to participate in the discussion and see what people are saying.)