[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Disable ZeroConf: how to ?

On Thursday 03,March,2011 06:56 AM, Klaus Ethgen wrote:
> Am Mi den  2. Mär 2011 um 23:09 schrieb Julien BLACHE:
>>> Because I work in a untrusted work place and home network (public
>>> networks, wifi...) I whish to purge zeroconf functionnality.
>> Looks like you want a firewall. Just sayin'.
> Ehem, no.
> A system has not to listen for any unused and unneeded services ever. A
> firewall is to control services you _need_.
> All that zeroconf stuff is absolutely not needed and wanted. (By the
> most users, I suppose.)
> Regards
>    Klaus

Actually I absolutely love the <machine>.local resolution functionality on a
network (it works much better than the NetBIOS crap that can never find another
machine on a network when you want it). That, and Pidgin's Bonjour support
interfaces with iChat over zeroconf, allowing you to chat with users (and
exchange files, perhaps?) across a network without needing to set up a
centralized chatting system.

I think those two functionalities are pretty useful to the end-user.

Rather than blabbering about potential security issues stemming from
avahi-daemon being installed and enabled on a system, how about actually finding
one and reporting it?

gnome-user-share does not share stuff by default as far as I can tell, and
padevchooser only uses avahi-daemon for discovering extra Pulseaudio sinks on
the network (it doesn't advertise its own sinks by default).

An avahi-enabled system that advertises no services is pretty much as secure as
the avahi-disabled system.

Kind regards,
Loong Jin

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: