RH Taroon Beta Open Ports

Felipe Alfaro Solana felipe_alfaro at linuxmail.org
Tue Aug 26 08:37:56 UTC 2003


On Tue, 2003-08-26 at 07:47, Panu Matilainen wrote:

> The difference is that enabling/disabling firewall is a single click of mouse in
> the installer in all of the installation modes and IIRC anaconda doesn't nag
> about dangers of disabling the fw in any way (apart from help text perhaps) ->
> you don't need much knowledge to disable that, but you do need a little bit of
> knowledge to turn on services post install.
> 
> I'd have to agree with Alex & others: most home users are not going to use/need
> NFS and where NFS servers exist, there exists knowledgeable persons to set the
> clients up. My +1 for disabling NFS client services by default.

I would say that, additionally, running a firewall shouldn't be the only
line of defense. Imagine that, by any reason, a non-root user downloads
a compromised binary that tries to use an unknown exploit on portmap,
for example. By not running portmap, we eliminate one additional piece
of trouble.





More information about the devel mailing list