[ubuntu-hardened] Firewall settings: User interface review and questions
Matthew Paul Thomas
mpt at canonical.com
Thu Jun 23 16:12:13 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Part of the planned "Desktop-side networking enhancements"
is the addition of a graphical interface for configuring a firewall.
Mathieu Trudel-Lapierre and I have been working on a design for the
firewall settings. Here's what we have so far:
We'd appreciate a general sanity check for these settings, from people
who know more about security than we do. Are they missing anything
highly useful? Or is there anything there that shouldn't be?
There are also two specific questions we have:
* Does Ubuntu have any "essential" incoming connections, which should
be allowed in the normal case even when the firewall is turned on?
(As a comparison, Mac OS X identifies "DHCP, Bonjour, and IPSec" as
- If so, how much use is it to have a graphical setting for
blocking even those "essential" connection types?
* Does Ubuntu have any "essential" outgoing connections? Web
browsing? E-mail? Avahi?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the ubuntu-hardened