Firewall

[Stephen John Smoogen]

On Mon, Dec 6, 2010 at 19:10, Chris Adams <cmadams at hiwaay.net> wrote:
> Once upon a time, Adam Williamson <awilliam at redhat.com> said:
>> I use it as a safety net for much this reason. I am not comfortable with
>> 100% guaranteeing that 'helpful' services we install by default like
>> Avahi are not doing things I really wouldn't want them to do when I
>> connect to some open wifi network.
>
> So, you don't trust the services that are installed by default, but you
> do trust the installed default firewall config?

Why yes, yes I do. There are a lot of services that are listening to
0.0.0.0:* on my system I have no idea about but when I turn off things
quit working in weird ways.

I know the default firewall allows in 22 only because I said so.
However the key thing is I can and do test that the firewall works.
[Can I attach to cups, avahi, ntp, portmap, dhcpd (because I am
running virt systems).. if I can then the firewall is broken.] I can
not test what those apps do or how safe they are.




-- 
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Let us be kind, one to another, for most of us are fighting a hard
battle." -- Ian MacLaren