Hosting Provided By

Re: Why not have firewall rules by default?

From: Rolf Kutz <rk(at)vzsze.de>
Date: Wed Jan 23 2008 - 10:56:47 EST

On 23/01/08 08:29 -0700, Michael Loftis wrote:
>
>It's better to leave the service disabled, or even better, completely
>uninstalled from a security standpoint, and from a DoS standpoint as well.
>The Linux kernel isn't very efficient at processing firewall rules. Newer

I thought it was very efficient in doing so. YMMV.

>
>This much does exist. invoke-rc.d iptables save --- i'm not sure what
>package the /etc/init.d/iptables script is in, seems to me like it was part
>of the same package that provided the binaries.

Didn't that get removed?

regards, Rolf

-- 
... But, conscience asks the question, 'Is it right?' ...


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Wed Jan 23 11:05:59 2008

This message: [ Message body ]
Next message: maximilian attems: "Re: Why not have firewall rules by default?"
Previous message: Michael Loftis: "Re: Why not have firewall rules by default?"
In reply to: Michael Loftis: "Re: Why not have firewall rules by default?"
Next in thread: Riku Valli: "Re: Why not have firewall rules by default?"
Reply: Riku Valli: "Re: Why not have firewall rules by default?"
Reply: Henrique de Moraes Holschuh: "Re: Why not have firewall rules by default?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:55:22 EDT