mobility and firewall

Dmitriy Kropivnitskiy nigde at mitechki.net
Sat Jun 4 02:25:20 CDT 2005


On Fri, 2005-06-03 at 22:24 -0500, Lance Lassetter wrote:
> If you don't think portscans are relevant today to find weaknesses in
> systems, I don't know what the hell planet you're from.

I believe his point is that, without an actual vulnerability (no open
ports policy), port scans are rather harmless, since they will not find
anything. If your system provides some sort of service, you will have to
open that port in your firewall, making it visible to a port scan. There
are certain pluses to your setup, such as:

1. You can run "internal" services without worrying about security (such
as a local copy of apache for web development or something like that)

2. If you are running public services, a DROP policy will significantly
slow down port scans, since every probe will have to time out before
marking the port closed.

But there is also at least one problem. Any service requiring a
connection to be made to your system will fail. You would be
surprised how many of those exist. P2P protocols, IRC file transfers,
FTP, etc.
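The trade-off described in this message, as an added toy model in Python that is not part of the original thread: a default-DROP input chain that stays silent toward unsolicited probes, accepts only explicitly opened ports plus replies to connections the host opened itself, and therefore also silently refuses peers that must connect in. The `InputChain` class, port numbers and timing constants are constructed for illustration, not real iptables behaviour or measurements.

```python
# Constructed model of the setup discussed above: a default-DROP input chain,
# a few explicitly opened service ports, and stateful acceptance of replies to
# connections this host opened itself. It is an illustration, not iptables.

RST = "RST"                  # host answers at once: scanner marks the port closed
SILENCE = "no response"      # scanner must wait for its timeout: port "filtered"
ACCEPT = "accepted"


class InputChain:
    def __init__(self, policy="DROP", open_ports=()):
        assert policy in ("DROP", "REJECT")
        self.policy = policy
        self.open_ports = set(open_ports)
        self.established = set()  # (peer, peer_port) flows this host initiated

    def connect_out(self, peer, peer_port):
        """Record an outbound connection so replies to it are let back in."""
        self.established.add((peer, peer_port))

    def inbound(self, src, src_port, dst_port, new=True):
        """Verdict the remote side observes for one inbound TCP segment."""
        if not new and (src, src_port) in self.established:
            return ACCEPT  # ESTABLISHED/RELATED: a reply to our own connection
        if dst_port in self.open_ports:
            return ACCEPT  # a service we deliberately exposed
        # Unsolicited SYN to anything else: DROP stays silent, REJECT sends an RST.
        return SILENCE if self.policy == "DROP" else RST


def scan_cost(chain, ports, rtt=0.001, timeout=2.0):
    """Seconds a sequential connect probe of `ports` spends against `chain`.
    A silent probe costs a full timeout; RST or accept is known after one
    round trip (constructed timing values, not measurements)."""
    return sum(timeout if chain.inbound("scanner", 40000, p) == SILENCE else rtt
               for p in ports)


if __name__ == "__main__":
    drop, reject = InputChain("DROP", [22]), InputChain("REJECT", [22])
    ports = range(1, 1025)
    print(f"DROP:   {scan_cost(drop, ports):8.1f} s to probe {len(ports)} ports")
    print(f"REJECT: {scan_cost(reject, ports):8.1f} s to probe {len(ports)} ports")
    # The price of that silence: a peer that must connect *to* us (IRC DCC,
    # active-mode FTP data, P2P) never gets through, while replies to our own
    # outbound connections still do.
    drop.connect_out("www.example", 80)
    print("reply from www.example:80 ->", drop.inbound("www.example", 80, 51234, new=False))
    print("peer connecting in on 5000 ->", drop.inbound("peer.example", 6000, 5000))
```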




More information about the ubuntu-devel mailing list