ZeroConf in Ubuntu Edgy
Trent Lloyd
lathiat at bur.st
Thu Jun 29 17:34:03 BST 2006
Hi John,
On Thu, Jun 29, 2006 at 02:53:28PM +0200, John Nilsson wrote:
> On Thu, 2006-06-29 at 13:17 +0800, Trent Lloyd wrote:
> > On Wed, Jun 28, 2006 at 02:18:59PM -0700, Matt Zimmerman wrote:
> > > On Wed, Jun 28, 2006 at 10:47:58PM +0200, John Nilsson wrote:
> > > > On Fri, 2006-06-23 at 09:15 +0800, Trent Lloyd wrote:
> > > > > Ubuntu has a no-open-ports by-default policy, which means that any
> > > > > mDNS/DNS-SD based discovery cannot be enabled by default.
> > > >
> > > > How about a semi-closed policy? I.e. having a iptables configuration
> > > > that is a bit more trusting of private networks.
> > >
> > > That's an interesting idea. But are enough ISPs and corporate networks
> > > doing proper filtering these days for that to be safe?
> >
> > I'm not sure this is really right, this still means if I'm at a
> > conference, someone can hack my PC, not just if I'm on the internet (in
> > fact your often arguably *safer* on the internet where your behind NAT
> > [at least that is often the case in .au])
>
> Would it be possible to automatically maintain list of MAC-addresses for
> trusted networks?
>
> Depending on policy either all NICs joining the network would
> automatically be added to iptables-rules or queued-up for manual
> authorization by the user.
This seems completely far too complicated to me, and far more
complicated than a simple on/off switch...
Trent
> Regards,
> John
>
>
> --
> ubuntu-devel mailing list
> ubuntu-devel at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
--
Trent Lloyd <lathiat at bur.st>
Bur.st Networking Inc.
More information about the ubuntu-devel
mailing list