Re: Why not have firewall rules by default?

To: debian-security@lists.debian.org
Subject: Re: Why not have firewall rules by default?
From: Rolf Kutz <rk@vzsze.de>
Date: Wed, 23 Jan 2008 16:56:47 +0100
Message-id: <[🔎] 20080123155647.GM13145@vzsze.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 8A0AA67A76C9E2B8277B2F98@ZOP-MACTEL-2.local>
References: <[🔎] 47975AE5.80801@gmail.com> <[🔎] 8A0AA67A76C9E2B8277B2F98@ZOP-MACTEL-2.local>

On 23/01/08 08:29 -0700, Michael Loftis wrote:

It's better to leave the service disabled, or even better, completelyuninstalled from a security standpoint, and from a DoS standpoint as well.The Linux kernel isn't very efficient at processing firewall rules. Newer


I thought it was very efficient in doing so. YMMV.

This much does exist. invoke-rc.d iptables save --- i'm not sure whatpackage the /etc/init.d/iptables script is in, seems to me like it was partof the same package that provided the binaries.


Didn't that get removed?

regards, Rolf
--
... But, conscience asks the question, 'Is it right?' ...

Reply to:

Follow-Ups:
- Re: Why not have firewall rules by default?
  - From: Riku Valli <riku.valli@vallit.fi>
- Re: Why not have firewall rules by default?
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

References:
- Why not have firewall rules by default?
  - From: William Twomey <william.twomey@gmail.com>
- Re: Why not have firewall rules by default?
  - From: Michael Loftis <mloftis@modwest.com>

Prev by Date: Re: Why not have firewall rules by default?
Next by Date: Re: Why not have firewall rules by default?
Previous by thread: Re: Why not have firewall rules by default?
Next by thread: Re: Why not have firewall rules by default?
Index(es):
- Date
- Thread