RH Taroon Beta Open Ports

rhldevel at assursys.co.uk rhldevel at assursys.co.uk
Mon Aug 25 15:31:12 UTC 2003


On Mon, 25 Aug 2003, Florian La Roche wrote:

> > So I see no reason what so ever to turn off portmapper. Lets not make a
> > system more difficult to deal with for simply no reason...
> 
> I agree. It makes "client usage" much easier and

There's always a trade-off between security and ease-of-use. What proportion
of the installed base of Linux clients use RPC-based protocols? Not many I'd
wager, suggesting that the trade-off can be biased towards security, with
little-to-no impact on the majority of users.

> servers should anyway get protection via firewalls and special security
> changes.

"should" and "do" are quite different things. Servers should also have
security updates applied in a timely manner, but they frequently tend not to
in the real world.

Where security is concerned, it's best not to rely upon single points of
failure.

> greetings,
> Florian La Roche

Best Regards,
Alex.





More information about the devel mailing list