ZeroConf in Ubuntu Edgy

Dick Davies rasputnik at gmail.com
Mon Jul 3 11:22:19 BST 2006


On 03/07/06, Trent Lloyd <lathiat at bur.st> wrote:

> As far as I am aware the no open port policy is not up for debate, what
> we need to be concentrating on is an _easy_ way to enable zeroconf, I
> think that firewalls or allowing private iPs or MACs, etc are all silly,
> and that at the very basic level zeroconf should just me a
>
> [X] Enable network service discovery
>
> in the network settings applet.

Firewalling off multicast dns is a crude on/off switch.
Even if you open that port, the nature of DNS-SD is such that it's of
limited use
(since applications don't have 'known ports').

It's worth remembering that all DNS-SD does is allow you to see what
services a machine is running. It doesn't give you much more than what
a good port scanner would provide anyway.

It's down to the *application* to check the user is comfortable with what it's
advertising.

firewall == good &&
user_who_knows_what_services_they_are_running == $better



-- 
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/



More information about the ubuntu-devel mailing list