Fedora 10 Live CD services (all necessary?)

Valent Turkovic valent.turkovic at gmail.com
Thu Oct 9 17:15:27 UTC 2008 

On Thu, Oct 9, 2008 at 7:08 PM, Valent Turkovic
<valent.turkovic at gmail.com> wrote:
> On Thu, Oct 9, 2008 at 7:04 PM, Chuck Anderson <cra at wpi.edu> wrote:
>> On Thu, Oct 09, 2008 at 06:55:52PM +0200, Valent Turkovic wrote:
>>> I also said that I'm a "above average desktop user" so you could also
>>> replace "I don't need" with "average desktop used doesn't need".
>>>
>>> I believe that services should be regarded with the same attitude as
>>> open ports on a firewall. Some long time ago all ports were open and
>>> only "bad ones" were open, now all are closed and only explicitly ones
>>> are opened. Also all security and administration Rad Hat guides say
>>> that all unnecessary services should be turned off, and only turned on
>>> if explicitly needed.
>>
>> Funny of you to bring this up and then suggest that the IPv6 firewall
>> should be *disabled* by default.  Whether you know it or not, your
>> system is running IPv6.  It is accessible via link-local at the very
>> least, and if you happen to roam to a network that provides IPv6, you
>> will get global connectivity.  Eventually I hope to have Fedora on par
>> with other operating systems, and provide Teredo functionality [1] by
>> default, which means automatic tunneled IPv6 global connectivity by
>> default, even behind NATs.  ip6tables is important to have on by
>> default now, and will only become more so important over time.
>
> I know that no network I access has IPv6. No ADSL carrier in Croatia
> uses IPv6, my company doesn't use IPv6, and I in my home network I
> don't use IPv6.

ps. I also wrote:

"That is why I believe that ALL services should be disabled, and then
for each one there should be some kind of explanation why this service
absolutely needs to be enabled. All the rest services should be left
disabled by default."

Fedora 9 had an option during install where you choose to use or not
to use IPv6, I don't see that option in Fedora 10, why? If there is an
option I would like to disabel IPv6, and also IPv6 iptables. If there
is no option to disable IPv6 then as I wrote already "there should be
some kind of explanation why this service absolutely needs to be
enabled."

In a care that IPv6 can't be disabled in Fedora 10, as as previously
possible in Feodra 9, then IPv6 should be turned on by default.

Why do you only commend the "low hanging fruits" :) ie. services, what
are your comments regarding other services on the list?

Cheers,
Valent.

-- 
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic

More information about the devel mailing list