On Mon, 25 Aug 2003, Bill Nottingham wrote:
rhldevel(a)assursys.co.uk (rhldevel(a)assursys.co.uk) said:
> Which local processes? We've already heard about sgi_fam, and we already
> know about NIS and NFS, but is this really worth leaving it listening on
> external interfaces in a _default_ install?
Set up a firewall, as is the default in the install...
Certainly, and allowing easy configuration of Linux's IP filtering
functionality at install time was a very responsible move by RH.
But to a lot of naïve users, firewalls are deeply technical things, that
they worry will interfere with normal usage. As a result, I believe a number
of such users will install with the firewall disabled, or stop it when
attempting to get things working - perhaps never to (re-)enable it. Having
things like X11, portmapper and rpc.statd listening on an external interface
is asking for trouble, IMHO.
Bill
Best Regards,
Alex.