On Saturday, February 22, 2020 8:38:38 PM MST Samuel Sieb wrote:
> On 2/22/20 7:34 PM, John M. Harris Jr wrote:
>> On Saturday, February 22, 2020 8:17:01 PM MST Samuel Sieb wrote:
>>
>>> On 2/22/20 7:07 PM, John M. Harris Jr wrote:
>>>
>>>> Glad to hear it. A quick note, Fedora Workstation (what I refer to as the
>>>> "GNOME Spin") may send out an update which resets your firewall to their
>>>> defaults, which would open you back up to attacks. I'll pass this along,
>>>> and hopefully we can get a more sane firewall into Fedora's GNOME
>>>> experience within the year.
>>>
>>> I guarantee that the firewall will not be changing. It has been
>>> discussed at length in the past and that is what was decided on. Your
>>> opinion on it is noted, but will not change anything.
>>
>> If it has been discussed at length, then you'd know that it makes no sense
>> to open all of the ports that firewall zone opens. You've seen a
>> real-world example of the harm that firewall zone causes in this very
>> thread.
>
> It makes sense and I didn't see any harm in this thread. Feel free to
> bring it up again, but all you'll do is annoy people.

It makes absolutely no sense. The ports it opens are all meant to run as the
user, the ones that are, arguably, the most sensitive. It opens these on ALL
interfaces BY DEFAULT, which is absolutely absurd. This means that everything
binding a port as the user winds up open to every network they connect to,
unless the end user explicitly goes and changes the firewall zone, which the
GNOME UI doesn't even provide a way to do (unless something has changed); the
user has to use firewall-cmd or open nm-connection-editor. The harm in this,
demonstrated in this thread, was opening EVERY PROCESS THAT BINDS A PORT AS THE
USER to THE ENTIRE INTERNET, on both IPv4 and IPv6.
--
John M. Harris, Jr.
Splentity