F21 System Wide Change: Workstation: Disable firewall

Reindl Harald h.reindl at thelounge.net
Sun Apr 20 22:02:37 UTC 2014

Am 20.04.2014 23:44, schrieb drago01:
> On Sun, Apr 20, 2014 at 10:56 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> after you booted the new installed machine and open ports of
>> possible vulnerable services which needs updatdes it is
>> *too late* to enable the firewall for preventing already
>> happened damaged
> Do you even know how backwards that reads?
> If you really know what you are doing you do *not* enable network
> facing services without installing updates first


that is exactly the poor guy for wich the firewall should be disabled
in default installs to not overload his brain with a firewall

don't you realize how pervert your conclusion is?

> Anyway I am out of this discussion

you simply refuse to understand what i am saying

* there are network services enabled by default
* avahi is one of them
* you nor i can say for sure avahi never ever get a critical security update
* you nor i can be sure that there is not another network-service is running
* even if it is not running by intention it may be running by mistake as default
* so after you installed a new system avahi is running and the firewall down
* how do you genius install the updates without a network

and to *not* have to consider what is safe and what you have to stop after
a fresh install before you can plug your machine to the network for install
security relevant updates a firewall has to be enabled by default

honestly it's good that you are out of this discussion because you seem
to not have you clue about security nor understand the implications of
"who knows hat he is doing and why the one who don't need sane defaults"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140421/eabafdbe/attachment.sig>

More information about the devel mailing list