morning thoughts on firewall
Dmitriy Kropivnitskiy
nigde at mitechki.net
Wed Dec 22 10:44:34 CST 2004
On Tue, 2004-12-21 at 10:22 +0100, Oliver Grawert wrote:
> hi,
> Am Dienstag, den 21.12.2004, 10:08 +0100 schrieb Marco Bonetti:
> > hi!
> > Last time I help to install an ubuntu on friends' computers I was
> > asked about the presence of a firewall.
> > I answered as in the faq: "there is a firewall, but it isn't
> > configured because you do not need it", my friend was a bit surprised
> > and he pointed out that os x and windows have a configured firewall.
I have to point out, that a properly configured firewall not only
protects against unauthorized access to running services (in most cases
this can be accomplished using either native configuration of the
service or TCP wrappers) but also from attempts at exploiting
vulnerabilities in TCP/IP stack, attempts to use the system as a
middle-man in port scans (such as zombie scan) etc. The rules suggested
by the original poster are not IMHO quite right, my suggestion would be
something in the spirit of the Fedora default firewall setup.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20041222/90acde07/attachment-0001.htm
More information about the ubuntu-devel
mailing list