having problems with getting ports open through firewall
Phil Meyer
pmeyer at themeyerfarm.com
Mon May 21 20:09:11 UTC 2007
Frank Cox wrote:
> On Mon, 21 May 2007 13:39:45 -0500
> Scott Berry <sberry at northlc.com> wrote:
>
>
>> I would like to have all ports open on eth-.
>>
>
> Unless I'm mis-understanding your question, the way to accomplish what you want
> to do is to simply turn the firewall off. That will open all ports.
>
>
System/Administration/Security
Turn the firewall off there, BUT ...
If your cable/DSL modem connects directly to this computer, than this is
asking for trouble.
If you have a router between the cable/DSL modem and your computer, then
this MAY be ok.
Then you would open the ports you want on the router to this machine.
It is RARELY, as in nearly never, desirable to have any system wide open
to the InterNet.
let me give you a few examples of what could happen if you do that:
all samba or NFS shares are open to the net, and are corruptible.
all X windows could be read from the net, not only exposing all you do,
but allowing all kinds of DDos attacks against your X server.
your font server will be exposed to the net, and can be highjacked.
your printer services 'could' be exposed to the net. Think what someone
who doesn't like you could do with an open printer interface!
Some of these things require that you have services turned on and or
configured differently that the default, but the point is still true.
Good Luck!
More information about the fedora-list
mailing list