Hi All In a production environment what is the recommend security settings with performance in mind and only services that I will be providing is http, https, ssh2 - scp, smtp. (i.e. secure , but with as little overhead) Kernel 2.4.x and using iptables , postfix, stronghold apache. Q.1 What services can hosts.deny & hosts.allow secure? (mainly in regards to the services that I'm using above) Q.2 Should I use stateful connection tracking on all ports or only the ssh,smtp and https ports? What is the stateful connection overhead like. Q3. What ICMP should you block and what must you answer directly or indirectly, so that you don't break other services or slow them down. Q4. What is recommend minimum ports and protocol that I must log, so that I can audit attacks , problems and keep logging overhead to a minimum. Given that our ISP environment has a lot of broadcast traffic. e.g. Q5. What DOS of protection options are there with iptables and how do you workout the rate to limit @. I have syncookie protection enabled. Q6. Is it still recommend to Reject mail server connections to port 113. Is the following setting correct: iptables -A INPUT -i eth1 -p tcp --dport 113 -j REJECT --reject-with tcp-reset Thanks in Advance Steven