Le 28.05.2014 18:05, Joe a écrit :
On Wed, 28 May 2014 21:25:23 +1000 Chris Angelico <rosuav@gmail.com> wrote:On Wed, May 28, 2014 at 9:03 PM, Joe <joe@jretrading.com> wrote: > The point here is that all modern hardware is capable of IPv6, and > even if you aren't using it, malware writers may be. And by > default, a Debian machine is wide open to IPv6, and some of its > software is listening to it. Run a netstat to see which. On the other hand, internet connections generally don't offer IPv6 without loudly proclaiming it as an advertisable feature, so if your computer is v6 accessible from the internet, you probably know.The OP implied living in a network he didn't control completely, whichmay have a mix of operating systems, and possibly local malware. -- Joe
It is the LAN of my employers, I do not know if I can trust the network or not: I am the only linux users here ( modulo servers ), but except the boss and one administrative person, everyone have programming and/or networking knowledge.
Honestly, I do not really mind security for now, I just want to have the tools I consider essential for a professional programming activity. But if there are things to know about security, I will be very happy to learn and use those.
In short: I am a newly employed guy in an enterprise where a lot of income is from 1 client ( which is bad enough by itself but: ), with versionning system named cp.OLD, no automated testing at all, no bugtracking ( oh, yes, there is: some excel files... sigh ) and "send to client's servers to test your soft, man" politic. I can not ( well, I can, but it's stupid and imply a lot of loss of time for everyone ) work like that, so I want to install all of those tools. I asked for a server to network guys, and finally have one now on which I can work. I obviously do not use it when I try to configure all this stuff, only to deploy what I achieved to make working on my own computer, and that VLan stuff is the last part ( but probably the most important one, too ).
With more details:What I basically want to do, and I do not understand how they ( my programmer colleagues ) can happily live without that, is a server for source versionning, bug tracking, wikis, etc. This stuff does not need any virtual system or network, and is relatively easy to deploy.
But, and it is why I need this virtual and iptables stuff, I would like to simulate the production environment of our main client. Would you trust me if I say that currently, testing ( beta ) and development ( alpha ) versions of softwares are directly sent on production servers? It hurt me a lot ( and not only because it is bad and disgusting: it also makes everything a lot more complex ), so I want to have a replica of that network in our own network. 2 replicas, in fact, one for testing, and another for programming, so that automated tests ( which are currently lacking, too ) could be made.