Well, why is that necessary, and how is it better than the current
configuration?
Best security practice dictates that a firewall, by default, should be
configured in such a manner that everything is allowed out, but nothing
in, except those that are related to outgoing connections.
Any default configuration that differs from that does not contribute to
the security of a system.
Just my $0.02.
--
finid
On 2014-12-09 08:33, Jan Rusnacko wrote:
Firewalld in F21 workstation will have opened all tcp and udp ports
above 1024.
On 12/09/2014 03:28 PM, finid(a)vivaldi.net wrote:
> I think I missed what the discussion is all about.
>
> What is the gist of the "open by default firewall" discussion?
>
>
> --
> finid
>
>
> On 2014-12-09 08:02, Jan Rusnacko wrote:
>> Hey guys,
>>
>> given that there is quite heated discussion about open by default
>> firewall, is this something we want to contribute to (as a team) ? Do
>> you think we a) can and b) should come with a statement and join the
>> discussion ?
>>
>> We started looking into making fedora more secure with
>> PermitRootLogin
>> and this case seems similar (though with opposite outcome).
> _______________________________________________
> security-team mailing list
> security-team(a)lists.fedoraproject.org
>
https://lists.fedoraproject.org/mailman/listinfo/security-team