How is SME secure? Is this a firewall?
You're cheating, this is really two questions :-)
- - Yes. All nonessential network services have been removed, necessary network services have been replaced with more secure versions, and the system configured to allow access to these services only to hosts on the internal network. Regular user accounts, and server functions that use accounts, are restricted to only the minimum access required to perform. Only the administrator can configure the system, or have access to the shell. Remote acces to the server is denied by default.
- - Yes. Since version 4.1, SME Server, in Server and Gateway mode has contained a complete firewall system. All unsolicited external network traffic is denied, unless SME is specifically configured otherwise. In Private Server and Gateway mode, all unsolicited external traffic is ignored (i.e. the ports are stealthed), although SME can log this traffic if you wish. To an external port scan, it looks like there's nothing there.