ZeroConf in Ubuntu Edgy
Dick Davies
rasputnik at gmail.com
Mon Jul 3 11:22:19 BST 2006
On 03/07/06, Trent Lloyd <lathiat at bur.st> wrote:
> As far as I am aware the no open port policy is not up for debate, what
> we need to be concentrating on is an _easy_ way to enable zeroconf, I
> think that firewalls or allowing private iPs or MACs, etc are all silly,
> and that at the very basic level zeroconf should just me a
>
> [X] Enable network service discovery
>
> in the network settings applet.
Firewalling off multicast dns is a crude on/off switch.
Even if you open that port, the nature of DNS-SD is such that it's of
limited use
(since applications don't have 'known ports').
It's worth remembering that all DNS-SD does is allow you to see what
services a machine is running. It doesn't give you much more than what
a good port scanner would provide anyway.
It's down to the *application* to check the user is comfortable with what it's
advertising.
firewall == good &&
user_who_knows_what_services_they_are_running == $better
--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
More information about the ubuntu-devel
mailing list