New ZeroConf Spec
Sebastien ESTIENNE
sebastien.estienne at gmail.com
Sat Jul 8 21:30:03 BST 2006
Scott James Remnant wrote:
> On Mon, 2006-07-03 at 20:48 -0700, Dan Kegel wrote:
>
>
>>There should be no exception: there should be no open ports by default.
>>
>
> This isn't actually entirely true; we currently have two open ports by
> default:
>
> If you're on a network with DHCP, the DHCP client listens on UDP port 68
> to receive responses from the DHCP server.
>
> And every time you make a DNS query, a UDP port is opened to receive the
> response from the DNS server.
>
>
> Both of these are issued from software that has a very long pedigree,
> and of which we can be vaguely confident that it is not a security
> problem.
>
> Avahi isn't yet at that state, so it is not permitted an open port by
> default.
About security and avahi, this is a good thing to read:
http://avahi.org/wiki/SecurityConsiderations
basically avahi, run chrooted and as "avahi" user, plus it's using
>
> Scott
>
More information about the ubuntu-devel
mailing list