Re: Firewall and user services that needs open ports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Jun 23, 2008 at 3:58 AM, Nicolas Mailhot <nicolas.mailhot@xxxxxxxxxxx> wrote:

Le Lun 23 juin 2008 08:37, Callum Lerwick a écrit :

> Yes, the correct thing to do for local security is use something like
> selinux to prevent things from binding to interfaces/ports they
> shouldn't be
> binding to in the first place. Using iptables for this is a completely
> unsustainable hack. iptables firewalling is for machines that route
> packets to other machines.

Iptables is actually wonderfully simple and transparent to normal
users, unlike apps that do black magic using a system bus one can't
inspect,

dbus-monitor --system
d-feet
 

You'll take iptables out of my system the day I can easily check the
spaguetti pile userspace is those days is not misbehaving.

netstat -ln 

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux