Le 21/09/2018 à 19:09, Dan Ritter a écrit :
Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:
- outbound: permit
- forward: deny
- inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
response to an outbound packet
Why should unsolicited NTP, DHCP and DNS inbound packets be allowed ?Why should only TCP inbound responses be allowed ? What about UDP-based protocols, ping replies (ICMP echo reply), ICMP error messages, and so on ?