ZeroConf in Ubuntu Edgy

John Nilsson john at milsson.nu
Thu Jun 29 13:53:28 BST 2006


On Thu, 2006-06-29 at 13:17 +0800, Trent Lloyd wrote:
> On Wed, Jun 28, 2006 at 02:18:59PM -0700, Matt Zimmerman wrote:
> > On Wed, Jun 28, 2006 at 10:47:58PM +0200, John Nilsson wrote:
> > > On Fri, 2006-06-23 at 09:15 +0800, Trent Lloyd wrote:
> > > > Ubuntu has a no-open-ports by-default policy, which means that any
> > > > mDNS/DNS-SD based discovery cannot be enabled by default.
> > > 
> > > How about a semi-closed policy? I.e. having a iptables configuration
> > > that is a bit more trusting of private networks.
> > 
> > That's an interesting idea.  But are enough ISPs and corporate networks
> > doing proper filtering these days for that to be safe?
> 
> I'm not sure this is really right, this still means if I'm at a
> conference, someone can hack my PC, not just if I'm on the internet (in
> fact your often arguably *safer* on the internet where your behind NAT
> [at least that is often the case in .au])

Would it be possible to automatically maintain list of MAC-addresses for
trusted networks?

Depending on policy either all NICs joining the network would
automatically be added to iptables-rules or queued-up for manual
authorization by the user.

Regards,
John




More information about the ubuntu-devel mailing list