Re: Why does Debian allow all incoming traffic by default
On Mon, Sep 24, 2018 at 07:39:59PM +0100, Jonathan Dowland wrote:
> On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > Run a netstat -t -l and you will see there is nothing listening. So
> > what is the point of running a firewall?
> There's plenty of reasons to run a firewall even if you think you are
> not running any services. You may be mistaken; a service may be started
> without your knowledge, either in error or as an unintended consequence
> of something you have done (install/run another piece of software); or,
> a third party may have acquired access to your machine in some way and
> attempted to run a backdoor process to listen for incoming connections.
And there are also reasons not to install by default one. And this is what
the OP was about. The default is to not install listening services a thus
no need for a firewall. Any default firewall would then force
maintainers of packages to test for the default firewall and if present
inject a default rule to make the service available. Otherwise you will
have endless rants about "why is my ssh not working.." etc.
Henning Follmann | firstname.lastname@example.org