author: adam <adam@FreeBSD.org> 1996-09-07 02:15:56 +0000
committer: adam <adam@FreeBSD.org> 1996-09-07 02:15:56 +0000
commit: 78d7f7f610df679cbf9e2168fa59dc6defd20c57 (patch)
tree: 56d86c314ef8f12150e92ecbc0262627739515fb /share/doc/handbook
parent: 148ce94bebd89be1aab174e5e4af889f43ffdd6d (diff)
take the axe a little closer, since I didn't say what I meant either, and
better empty than wrong.
Diffstat (limited to 'share/doc/handbook')
-rw-r--r-- share/doc/handbook/firewalls.sgml 9
1 files changed, 2 insertions, 7 deletions
diff --git a/share/doc/handbook/firewalls.sgml b/share/doc/handbook/firewalls.sgml
index 039b19b..01d6fd1 100644
--- a/share/doc/handbook/firewalls.sgml
+++ b/share/doc/handbook/firewalls.sgml
@@ -1,4 +1,4 @@
-<!-- $Id: firewalls.sgml,v 1.9 1996/09/07 00:34:08 adam Exp $ -->
+<!-- $Id: firewalls.sgml,v 1.10 1996/09/07 00:51:36 adam Exp $ -->
<!-- The FreeBSD Documentation Project -->
<sect><heading>Firewalls<label id="firewalls"></heading>
@@ -489,15 +489,10 @@ want to allow from the inside. Some general rules are:
<itemize>
- <item>Block all incoming access to ports below 1000 for TCP. This is
+ <item>Block all incoming access to ports below 1024 for TCP. This is
where most of the security sensitive services are, like finger, SMTP
(mail) and telnet.
- <item>Block all incoming access also to TCP ports between 1001 and 1024
-inclusive, unless rlogin/rsh access from outside is to be enabled, in which
-case incoming SYN (<bf>setup</bf>) connections should be blocked on these
-ports and allowed on the relevant service port(s).
-
<item>Block <bf>all</bf> incoming UDP traffic. There are very few
useful services that travel over UDP, and what useful traffic there is
is normally a security threat (e.g. Suns RPC and NFS protocols). This
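Review bot: The rewritten first item, "Block all incoming access to ports below 1024 for TCP", now carries no stated exception, and the removed item was the only place that said to allow traffic on "the relevant service port(s)". A site that accepts mail from outside cannot follow the rule literally, since SMTP is named among the services being blocked. Suggest adding a clause to the item such as "except for the services you intend to offer to the outside". Also note that "below 1024" stops at port 1023, while the removed item covered up to 1024 inclusive, so it is worth confirming that leaving port 1024 out is intended.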