RH Taroon Beta Open Ports

Howard Owen hbo at egbok.com
Mon Aug 25 21:15:22 UTC 2003


Hear, hear!

The "soft chewy inside" is dead. Long live defense-in-depth!

On Mon, 2003-08-25 at 11:41, David T Hollis wrote:
> Steve Dickson wrote:
> 
> > rhldevel at assursys.co.uk wrote:
> >
> >> On Mon, 25 Aug 2003, Bill Nottingham wrote:
> >>
> >> But to a lot of naïve users, firewalls are deeply technical things, that
> >> they worry will interfere with normal usage. As a result, I believe a 
> >> number
> >> of such users will install with the firewall disabled, or stop it when
> >> attempting to get things working - perhaps never to (re-)enable it. 
> >> Having
> >> things like X11, portmapper and rpc.statd listening on an external 
> >> interface
> >> is asking for trouble, IMHO.
> >>
> > For network security firewalls are the answer... not disabling network 
> > applications...
> > All we can do is give them the tools... but we can not shooting 
> > themselves in the foot...
> >
> > SteveD.
> >
> >
> > -- 
> > Rhl-devel-list mailing list
> > Rhl-devel-list at redhat.com
> > http://www.redhat.com/mailman/listinfo/rhl-devel-list
> 
> Wrong.  Security in-depth is the answer.
> 
> Good - IP ports are firewalled
> Better - application is not running
> Best - application is not even installed
> 
> 
> --
> Rhl-devel-list mailing list
> Rhl-devel-list at redhat.com
> http://www.redhat.com/mailman/listinfo/rhl-devel-list
-- 
Howard Owen                     "Even if you are on the right
EGBOK Consultants                track, you'll get run over if you
hbo at egbok.com    +1-650-339-5733 just sit there." - Will Rogers





More information about the devel mailing list