Hi list, i am setting up two servers directly in the web for hosting purposes. Of course because there is no firewall etc aviable i wan to show as little as possible to the external world and secure the box as much as possible with certificates etc against any sniffing attacks. Now from what i know (correct me if i am wrong) the first step is always to scan a host for the services it is running. So i used nmap with the -sS flag on my hosts. nicely it shows that i am running this and that service. So i tried to get rid of some using the inted,conf file and the services file... and there only pop, sop, imap http(s), domain and mysql are left. Good.. but imap and mysql are only needed by the localhost. so i added it to my hosts.deny as mysql : ALL EXCEPT localhost This seems to work, i cannot connect externally BUT i can see it with nmap. how do i prevent this in the most efficient way? Also i saw mandrake updated their stunnel rpm, anyone up to date about a new stunnel from suse? thanks Evert