use different port numbers for your services for the outside interfaces (the ones to the net, e.g. ppp0). like: ssh -> 49022 http -> 49080 try to avoid ftp, but if you must then also +49000 (or any other number above 1024)
this way it'll seem like you have no (typical) ports open and therefore you'll only receive syn packets which will keep the traffic low and the "danger" minimal.
Slashdot Mirror
use different port numbers for your services for the outside interfaces (the ones to the net, e.g. ppp0).
like:
ssh -> 49022
http -> 49080
try to avoid ftp, but if you must then also +49000 (or any other number above 1024)
this way it'll seem like you have no (typical) ports open and therefore you'll only receive syn packets which will keep the traffic low and the "danger" minimal.