Re: Safety while network install.
On 2011-11-22, Sthu Deus <sthu.deus@gmail.com> wrote:
>
> My opinion is this: to disable any queries to Your host by iptables
> and/or xinit from outside world and then purge the packages You do not
> need.
>
This is a stand alone machine that's not supposed to be offering any
services whatsoever to the outside world. I've gotten rid of avahi and
portmap; what's left is cups (listening uniquely on the loopback
interface, at least I hope) and dhclient.
einstein:/home/curty# lsof -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
cupsd 1778 root 5u IPv6 43230 0t0 TCP localhost:ipp (LISTEN)
cupsd 1778 root 7u IPv4 43231 0t0 TCP localhost:ipp (LISTEN)
dhclient 1814 root 6u IPv4 6366 0t0 UDP *:bootpc
<snipped the rest--browser(chrome) and slrn>.
I don't want to run a firewall because I don't what I'm doing and am too
ignorant to set up cupsd and dhclient securely. I think I'm running cups
securely. If I should do something about dhclient (udp, not tcp) please
be so kind as to tell me what.
Reply to: