Fedora default services (was: Re: F15 Feature - convert as many service init files as possible to the native SystemD services)
Kevin Kofler
kevin.kofler at chello.at
Fri Dec 10 23:57:48 UTC 2010
Chris Adams wrote:
> The only thing you need a firewall by default for is to prevent services
> that are listening on the network from being accessible. The better
> solution is to stop having services listen on the network by default.
FWIW, this is what Ubuntu has been doing for ages (they call it "zero open
ports policy"), and AFAIK they do not enable iptables by default because of
this.
That said, "zero open ports" also got complaints, e.g. because they disabled
the CUPS web-based configuration interface to close port 631.
Kevin Kofler
More information about the devel
mailing list