network/security.md

## Security checklist

- [ ] ssh shut from internet
- [ ] dns shut from internet
- [ ] no source routing
- [ ] rp_filter
- [ ] restrict upstream routing/dns resolvers to associated priv nets?
- [ ] container caps dropped?
- [ ] ssh/telnet passwords
- [ ] no ospf outside core net
- [ ] no traffic between vlans
more of the good stuff 2016-11-16 01:17:28 +01:00			`## Security checklist`

			`- [ ] ssh shut from internet`
			`- [ ] dns shut from internet`
			`- [ ] no source routing`
			`- [ ] rp_filter`
			`- [ ] restrict upstream routing/dns resolvers to associated priv nets?`
			`- [ ] container caps dropped?`
			`- [ ] ssh/telnet passwords`
			`- [ ] no ospf outside core net`
			`- [ ] no traffic between vlans`