Using Fedora as firewall.
Rodolfo J. Paiz
rpaiz at simpaticus.com
Mon Apr 19 03:52:19 UTC 2004
At 06:50 4/18/2004, Preston wrote:
>On Sun, 2004-04-18 at 01:59, Harry Hoffman wrote:
> > If you have more than one account you shouldn't be running X!!!!!!!!!!
>
>Why is this? And what does that mean for those of us who use Fedora as
>our only OS on our only computer, connecting to the Internet directly
>and using the firewall? The ports are protected, right? Including X.
Shutting down X is just one more thing you can do to reduce the risk on
that machine/server. If X is not necessary and can be safely eliminated,
then by all means do so. If, however, you have a box on which you need/want
X, then yes... iptables does block all those ports as well when implemented
with the standard, intelligent "deny everything and specifically allow only
what you need" philosophy.
As Eric so elegantly pointed out, "Security is like an ogre (in that ogres
are like onions)." For any given situation, employ as many layers of
security as you can... but you will not always be able to (or desire to)
implement all *possible* security measures.
--
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com
More information about the fedora-list
mailing list