[K12OSN] port blocking
"Terrell Prudé Jr."
microman at cmosnetworks.com
Fri Apr 11 09:05:44 UTC 2008
Nils Breunese wrote:
> James P. Kinney III wrote:
>
>> On Thu, 2008-04-10 at 08:57 +0200, Nils Breunese wrote:
>>> James P. Kinney III wrote:
>>>
>>>
>>>> 1. Remove the NIC from the windows machines will stop the problem.
>>>> (isn't w2k EOL'ed now? No more security fixes?)
>>>
>>> K12LTSP5 has reached EOL as well.
>>
>> True. But it at least _started_ from a sound security footing :)
>>
>> Actually, as long as a K12LTSP5 server does NOT have a directly
>> connected outward facing NIC, it is possible to use it's built in
>> firewall (iptables) to create a very secure system. The security risk is
>> from the client facing side anyway. The only real danger is user
>> elevation to root security holes. There is no reason to run other
>> outward facing services on a K12LTSP server other than ssh.
>
> I hear people are running webservers with Moodle and stuff like that
> on K12LTSP all the time. Of course there are reasons to run other
> outward facing services. Yeah, you could also run stuff like that on
> another box, but maybe you don't have one.
>
> Nils Breunese.
All the more excuse to upgrade from K12LTSP 5 to K12LTSP 5.0EL.
--TP
More information about the K12OSN
mailing list