[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Safety while network install.

On 2011-11-22, Sthu Deus <sthu.deus@gmail.com> wrote:
>
> My opinion is this: to disable any queries to Your host by iptables
> and/or xinit from outside world and then purge the packages You do not
> need.
>
This is a stand alone machine that's not supposed to be offering any
services whatsoever to the outside world.  I've gotten rid of avahi and
portmap; what's left is cups (listening uniquely on the loopback
interface, at least I hope) and dhclient.

einstein:/home/curty# lsof -i
COMMAND   PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
cupsd    1778  root    5u  IPv6  43230      0t0  TCP localhost:ipp (LISTEN)
cupsd    1778  root    7u  IPv4  43231      0t0  TCP localhost:ipp (LISTEN)
dhclient 1814  root    6u  IPv4   6366      0t0  UDP *:bootpc 
<snipped the rest--browser(chrome) and slrn>.

I don't want to run a firewall because I don't what I'm doing and am too
ignorant to set up cupsd and dhclient securely. I think I'm running cups
securely.  If I should do something about dhclient (udp, not tcp) please
be so kind as to tell me what.
Reply to: