Re: Why not have firewall rules by default?

["Jose Marrero" <jmm19@humboldt.edu>]

>> Please check out section 3.6 of the "Securing Debian Manual". IIRC:
>>
>> - a default install (i.e. one in which you just press "Enter" all the
>> way and
>>   select no tasks) will get you OpenSSH, Exim and portmap, with Exim
>> bound to
>>   the loopback interface.
>
> portmap is typically not bound to the loopback interface.  It's mostly
> used for fam, I think, so this should really be feasible.  (But the
> localhost restriction patches for Sun RPC are broken anyway, AFIACS.)
>

He is not saying portmap is bound to the loopback interface, only Exim.
However, this is one of the first things I do on a typical Debian install.


-- 
-JM.

?Estos días azules y este sol de la infancia.?(Antonio Machado-1939)