"Workstation" Product defaults to wide-open firewall

Solomon Peachy pizza at shaftnet.org
Mon Dec 8 13:32:24 UTC 2014

On Mon, Dec 08, 2014 at 07:56:28AM -0500, Bastien Nocera wrote:
> Rootkit won't require opened *server* ports. It will contact a command 
> server through a client port, which requires no special privileges. If 
> you blocked the firewall for user applications, you just made the 
> system a pain to use for no security benefits.

And perhaps more to the point, a *rootkit* will just turn off (or open 
up a hole in) the firewall anyway.

 - Solomon
Solomon Peachy        		       pizza at shaftnet dot org
Delray Beach, FL                          ^^ (email/xmpp) ^^
Quidquid latine dictum sit, altum viditur.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141208/bf4d2ab8/attachment.sig>

More information about the devel mailing list