RH Taroon Beta Open Ports
Felipe Alfaro Solana
felipe_alfaro at linuxmail.org
Tue Aug 26 08:37:56 UTC 2003
On Tue, 2003-08-26 at 07:47, Panu Matilainen wrote:
> The difference is that enabling/disabling firewall is a single click of mouse in
> the installer in all of the installation modes and IIRC anaconda doesn't nag
> about dangers of disabling the fw in any way (apart from help text perhaps) ->
> you don't need much knowledge to disable that, but you do need a little bit of
> knowledge to turn on services post install.
>
> I'd have to agree with Alex & others: most home users are not going to use/need
> NFS and where NFS servers exist, there exists knowledgeable persons to set the
> clients up. My +1 for disabling NFS client services by default.
I would say that, additionally, running a firewall shouldn't be the only
line of defense. Imagine that, by any reason, a non-root user downloads
a compromised binary that tries to use an unknown exploit on portmap,
for example. By not running portmap, we eliminate one additional piece
of trouble.
More information about the fedora-devel-list
mailing list