Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
On Thursday 19 April 2001 01:57, Nathan Dabney wrote:
> For those of you who do not like PARANOID, what would you suggest without
> reducing the protection? Does ALL: ALL with some commentary explaining
> where the user can go for more information sound good?
Well, and some blinking message lines at boot time warning the new user that
his machine is blocking all possible networking, absolutely ISOLATED? What
about to remove all networking support by default? So the user will have to
learn ALL networking risks before connecting/accepting connections from
anywhere (oh yes, he will learn a lot in the way).
What about to ask it at installation time? Wouldn't it be as secure as today
and user friendly at the same time?
Be serious, what type of system do we want? One both for users and for
servers, or a openbsd alike firewalling (user unfriendly) system?