F21 System Wide Change: Workstation: Disable firewall
simo at redhat.com
Tue Apr 22 19:04:57 UTC 2014
On Tue, 2014-04-22 at 14:41 -0400, Russell Doty wrote:
> On Tue, 2014-04-22 at 14:23 -0400, Simo Sorce wrote:
> > On Tue, 2014-04-22 at 13:22 -0400, Russell Doty wrote:
> > > On Tue, 2014-04-22 at 19:01 +0200, Miloslav Trmač wrote:
> > > > 2014-04-22 13:40 GMT+02:00 Stephen Gallagher <sgallagh at redhat.com>:
> > > > 3) Recovery and auditing are more important than prevention.
> > > >
> > > > This is only true for large managed enterprises, where recovery is
> > > > possible in the first place (how many people don't have good
> > > > backups?), and prevention is bordering on impossible (with the high
> > > > number of systems and administrators). For individual users auditing
> > > > is completely pointless, recovery is either impossible or a huge
> > > > hassle, and prevention the only option.
> > > Well, the presentation was focused on enterprise systems...
> > >
> > > But there were some underlying themes:
> > >
> > > * Users will work around anything, including security features, that
> > > interfere with them doing their job.
> > >
> > > * It is impossible to completely secure a system. A prevention only
> > > approach doesn't work well.
> > >
> > > * An effective security model is built around Deter, Detect, Delay,
> > > Respond, Remediate.
> > >
> > > * Security is one of multiple threats to system integrity.
> > All very true, but you do not remove the Deterrent, just because you
> > have the other 4 layers (which we do *not* have very much in Fedora when
> > it is used as a simple workstation).
> Absolutely true - the foundation of the stack is Deter. The point is
> that we can't harden a system enough for Deter alone to be fully
> effective, so we need to have the complete security model.
> And you are right. We have a real opportunity to look at an overall
> "people centric" approach to security in Fedora. Look at the traditional
> threat models, look at the people issues, and look at an overall
> approach to maintaining system integrity.
> I'd like to see us exploring system integrity in greater depth.
> > This is why people say we need to improve the Firewall experience not
> > raise white flag and disable it.
> Agree. Unfortunately, the easy way out is to punch so many holes in the
> default firewall that it doesn't offer much protection...
not really true, having the default one allow access only from the local
lan at most is a huge improvement rather than no firewall.
All you need is a button that lets you select between 3 zones when you
join a new network and you have a much better system already, nothing
fancy, and the 3 zones correspond to the concepts of:
open to everyone (effectively disables any protection)
open to the local lan only (what you would select at home/work/trusted
closed (what you would select in a public place on an untrusted network)
It is quite simple to describe even to a non expert user what these
means in general terms.
Of course it won't be perfect, but much better than nothing, and much,
much friendlier than what we have now.
Simo Sorce * Red Hat, Inc * New York
More information about the devel