[ubuntu-hardened] Firewall settings: User interface review and questions
Matthew Paul Thomas
mpt at canonical.com
Thu Jun 23 16:12:13 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi
Part of the planned "Desktop-side networking enhancements"
<https://launchpad.net/ubuntu/+spec/desktop-o-desktop-network-enhancements>
is the addition of a graphical interface for configuring a firewall.
Mathieu Trudel-Lapierre and I have been working on a design for the
firewall settings. Here's what we have so far:
<https://wiki.ubuntu.com/OneiricDesktopNetworkEnhancementsSpec#Design>
We'd appreciate a general sanity check for these settings, from people
who know more about security than we do. Are they missing anything
highly useful? Or is there anything there that shouldn't be?
There are also two specific questions we have:
* Does Ubuntu have any "essential" incoming connections, which should
be allowed in the normal case even when the firewall is turned on?
(As a comparison, Mac OS X identifies "DHCP, Bonjour, and IPSec" as
essential.)
- If so, how much use is it to have a graphical setting for
blocking even those "essential" connection types?
* Does Ubuntu have any "essential" outgoing connections? Web
browsing? E-mail? Avahi?
Thanks
- --
mpt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk4DZdwACgkQ6PUxNfU6ecoDrACgrtXCB2DRPVCRnGbgdWP0VZD7
k4gAn33YQoYa+g+ivPqXXWU5762EhkL3
=f4pS
-----END PGP SIGNATURE-----
More information about the ubuntu-hardened
mailing list