Fedora 10 Live CD services (all necessary?)

Chuck Anderson cra at WPI.EDU
Thu Oct 9 17:04:18 UTC 2008


On Thu, Oct 09, 2008 at 06:55:52PM +0200, Valent Turkovic wrote:
> I also said that I'm a "above average desktop user" so you could also
> replace "I don't need" with "average desktop used doesn't need".
> 
> I believe that services should be regarded with the same attitude as
> open ports on a firewall. Some long time ago all ports were open and
> only "bad ones" were open, now all are closed and only explicitly ones
> are opened. Also all security and administration Rad Hat guides say
> that all unnecessary services should be turned off, and only turned on
> if explicitly needed.

Funny of you to bring this up and then suggest that the IPv6 firewall 
should be *disabled* by default.  Whether you know it or not, your 
system is running IPv6.  It is accessible via link-local at the very 
least, and if you happen to roam to a network that provides IPv6, you 
will get global connectivity.  Eventually I hope to have Fedora on par 
with other operating systems, and provide Teredo functionality [1] by 
default, which means automatic tunneled IPv6 global connectivity by 
default, even behind NATs.  ip6tables is important to have on by 
default now, and will only become more so important over time.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=437626




More information about the devel mailing list