"Workstation" Product defaults to wide-open firewall
Reindl Harald
h.reindl at thelounge.net
Mon Dec 8 09:24:56 UTC 2014
Am 08.12.2014 um 07:41 schrieb Kevin Kofler:
> I just happened to look at the firewalld default settings, and I was not
> amused when I noticed this:
> http://pkgs.fedoraproject.org/cgit/firewalld.git/tree/FedoraWorkstation.xml
>> <port protocol="udp" port="1025-65535"/>
>> <port protocol="tcp" port="1025-65535"/>
> This "firewall" is a joke! ALL higher ports are wide open!
seriously?
how was i attacked as i called it repeatly not smart even consider lower
the default security..... a ton of services are listening on high ports
these days and *incoming* the only needed rule is:
ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141208/e74f5014/attachment.sig>
More information about the devel
mailing list