I have paid for server hardening (service was pretty fast. Hopefully the server stays ups).
The sys-admin recommended using LF_SPI = 0 because the iptables were kind of broken.
Can anyone help to explain the differences as to what additional protection you get for "Dynamic" firewalls instead of "static" ones?
From what I can tell, it's still rejecting users on failed logins, which is a lot more than I had before.
I'm just wondering what the dynamic thing does and how much effort i should get into trying to get that repaired.
LF_SPI = 0 (static firewall)?
Re: LF_SPI = 0 (static firewall)?
As per the advice of the installed service, a reboot helped fix the IPtables and LF_SPI = 1 is now back online.