open ports

Gabriel M Dragffy dragffy at
Mon Sep 4 12:43:51 UTC 2006

On Sun, 2006-09-03 at 16:54 +0200, Alexander Skwar wrote:
> By doing so, your machine is *VERY* visible. There's no such
> thing as an invisible machine on the Internet.

This goes against pretty much everything that I've ever read or heard
about computer security, which is fine. I am very eager to know - why is
this so?

> Dropping packages is close to never a good suggestion. Rejecting
> packages might be worthwhile, though. But for this, a packet
> filter isn't needed.

Should I open some ports or start rejecting packets in the future?

> Hm - the same can be gained by not opening any ports in the
> first place. And the less software used, the better.

The OP has already opened ssh and I assume (incorrectly?) that the OP
would like for it to remain open.

More information about the ubuntu-users mailing list