On Mon, Dec 6, 2010 at 19:10, Chris Adams <cmadams(a)hiwaay.net> wrote:
Once upon a time, Adam Williamson <awilliam(a)redhat.com> said:
> I use it as a safety net for much this reason. I am not comfortable with
> 100% guaranteeing that 'helpful' services we install by default like
> Avahi are not doing things I really wouldn't want them to do when I
> connect to some open wifi network.
So, you don't trust the services that are installed by default, but you
do trust the installed default firewall config?
Why yes, yes I do. There are a lot of services that are listening to
0.0.0.0:* on my system I have no idea about but when I turn off things
quit working in weird ways.
I know the default firewall allows in 22 only because I said so.
However the key thing is I can and do test that the firewall works.
[Can I attach to cups, avahi, ntp, portmap, dhcpd (because I am
running virt systems).. if I can then the firewall is broken.] I can
not test what those apps do or how safe they are.
--
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Let us be kind, one to another, for most of us are fighting a hard
battle." -- Ian MacLaren