[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: End-user laptop firewall available?

On Sun, Dec 8, 2013 at 9:56 AM, Riku Valli <riku.valli@vallit.fi> wrote:
> Thats true, but if we speaking about firewall rules. Every rule where
> source, destination or ports are any means at rule and firewall is most
> in cases a useless and this is true most in time a laptop/desktop.
>
> When somebody gain root access via vulnerability and this kind of rule.
> Hs/she owns your host and firewall.
>
> Normal Debian installation uses only avahi/mdms port udp 5353. Others
> example cups listen only localhost, but most of users install sshd which
> isn't intalled default. Exim ask which kind configuration, but default
> is listen only localhost. That is what tasksel offer at default
> installation.
>
> <sarcasm>
> If you don't trust your own host. I recommed use snort, aide, policykit
> or selinux or apparmor and audit at least with you firewall :)
> </sarcasm>

Security in depth is always useful. You'll always have risks of
someone finding a way to go around the security you've put in place.
You just want to make it as hard as possible in an adequate amount of
time.

-- 
Jérémie MARGUERIE
Reply to: