[Firewall] Other possible bug in dyndns plugin

∫imøn ㋡ simon at simonbcn.net
Thu Jul 14 20:01:26 CEST 2011



El 14/07/11 19:40, Gustin Johnson escribió:
> On Thu, Jul 14, 2011 at 6:09 AM, ∫imøn ㋡<simon at simonbcn.net>  wrote:
>> I think the user is who must decide if open or not all ports to an IP. It is
>> assumed that when he does this is because he is fully confident in that IP.
>> In my case, for example, I want open all ports of my remote server to my own
>> PC (I'm the administrator).
> You can still do this if you want.  Just define a range that includes
> all 65535 ports for any given host.  I agree with Arno that the
> default behavior should be closed.  The user still gets to choose, but
> must explicitly set all ports as open if that is what he or she wants
> to do.
Ok, then Arno's Firewall should show an error when it detects an IP 
without ports in that conf file. Don't you agree? Now it says nothing.
>
>> If I want open all ports to my PC, it's much more comfortable define only
>> the IP without ports.
> Sure it is easier, but one of the reasons for using a script like this
> is the secure by default approach that helps to prevent end users from
> leaving something open by accident.
>
> Just my 2c
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl


More information about the Firewall mailing list