From 78d7f7f610df679cbf9e2168fa59dc6defd20c57 Mon Sep 17 00:00:00 2001 From: adam Date: Sat, 7 Sep 1996 02:15:56 +0000 Subject: take the axe a little closer, since I didn't say what I meant either, and better empty than wrong. --- share/doc/handbook/firewalls.sgml | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'share/doc/handbook') diff --git a/share/doc/handbook/firewalls.sgml b/share/doc/handbook/firewalls.sgml index 039b19b..01d6fd1 100644 --- a/share/doc/handbook/firewalls.sgml +++ b/share/doc/handbook/firewalls.sgml @@ -1,4 +1,4 @@ - + Firewalls @@ -489,15 +489,10 @@ want to allow from the inside. Some general rules are: - Block all incoming access to ports below 1000 for TCP. This is + Block all incoming access to ports below 1024 for TCP. This is where most of the security sensitive services are, like finger, SMTP (mail) and telnet. - Block all incoming access also to TCP ports between 1001 and 1024 -inclusive, unless rlogin/rsh access from outside is to be enabled, in which -case incoming SYN (setup) connections should be blocked on these -ports and allowed on the relevant service port(s). - Block all incoming UDP traffic. There are very few useful services that travel over UDP, and what useful traffic there is is normally a security threat (e.g. Suns RPC and NFS protocols). This -- cgit v1.1
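Review bot: in the second hunk (firewalls.sgml, @@ -489,15 +489,10 @@), the rewritten rule "Block all incoming access to ports below 1024 for TCP" is now unconditional, and with the rlogin/rsh paragraph removed the list no longer says how to open any port in that range for a service the site deliberately offers. The same item names SMTP (mail) as an example, so a reader who accepts mail from outside and applies the rule literally would block it. Consider adding a short qualifier to the item, such as "except for the services you intend to offer to the outside". Separately, while this list is being touched, "Suns RPC" in the UDP item that follows as context should read "Sun's RPC".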