Hoss: I did understand your intent however I firmly believe that whenever we talk about locking a box we should have a mandatory rider that sits at the bottom of each message stating that these measures are specifically for implementation on "corporate" boxes already protected by a properly configured firewall and accessible from within by unknown "entities".

Frankly, I see too many people on the security sites I visit that would take information such as this as being all the protection they might need and just go without a firewall. I actually see it as some kind of a responsibility to make sure that things are done "properly" if, for no other reason than, it would provide the skiddies with a few less points of attack if we could get more cable/dsl type users to buy a damned firewall - preferably a hardware one, (software ones are too easy to disable and forget about......