OT: What's the deal with Ubuntu?
Juan Carlos Castro y Castro
jcastro at instant.com.br
Wed May 11 18:05:31 UTC 2005
Les Mikesell wrote:
>On Wed, 2005-05-11 at 06:00, Claude Jones wrote:
>
>
>
>>>Are you saying there's no iptables? THAT would be very scary.
>>>
>>>
>>>
>>No, I'm not saying that - iptables is there. And you could quickly code
>>something, but that's not something a relative newcomer like myself would
>>know how to do quickly. Kind of flies in the face of ubuntu's ease-of-use
>>philosophy. I think I understand their thinking on it, but I still think it
>>would be preferable to allow the user at least the basic security choices
>>that FC does on install.
>>
>>
>
>Firewalls on hosts that aren't doing routing are just there to cover
>up mistakes. That is, if you don't have a service listening for
>a connection you won't accept connections with or without a firewall.
>If you do have a service running, you will need a hole in the firewall
>to let the associated connections through anyway. Firewalls only
>help if you start services that you don't want to work.
>
>
Or if you want some services to just be available to clients X, Y, and
Z. Or if you want your machine to be unpingable. Or if you want to
implement port knocking. Or if you want to block eventual,
yet-to-be-discovered flood attacks.
I'm sure I forgot lots of other uses.
More information about the fedora-list
mailing list