RH Taroon Beta Open Ports
Felipe Alfaro Solana
felipe_alfaro at linuxmail.org
Mon Aug 25 19:42:19 UTC 2003
On Mon, 2003-08-25 at 20:41, David T Hollis wrote:
> Wrong. Security in-depth is the answer.
>
> Good - IP ports are firewalled
> Better - application is not running
> Best - application is not even installed
I agree 500% ...
If we can:
1. We shouldn't even install portmap or nfs-utils
2. If we can't do 1, then disable portmap and nfs*
3. If we can't achieve neither 1 nor 2, make them bind to localhost
4. Else, enable firewall by default and get picky if the user tries to
disable it.
More information about the devel
mailing list