Hello all.
Is it okay that firewall is completely disabled by default (opened all
ports 1025-65535) on Fedora Workstation?
I think that this is a major vulnerability and it must be fixed by
changing default zone to public.
firewall-cmd --list-all
FedoraWorkstation (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0
sources:
services: dhcpv6-client mdns samba-client ssh
ports: 1025-65535/udp 1025-65535/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
--
Sincerely,
Vitaly Zaitsev (vitaly(a)easycoding.org)
Show replies by thread