[Nottingham] Ubuntu/firewalls (lack of)/wine
Alan Pope
alan.pope at gmail.com
Tue Dec 21 18:54:54 GMT 2004
On Tue, 21 Dec 2004 17:50:45 +0000, Martin <martin at ml1.co.uk> wrote:
> Alan Pope wrote:
>
> > A firewall would stop them getting in,
>
> In the first place, no.
>
I didn't mean that. I meant getting in as in accessing the opened port.
> Or are you thinking Micro-Soft-in-the-head Everything Enabled Holy
> Unsecurity?
>
I don't *do* Microsoft.
> > and may (depending upon your
> > rules) stop the rogue program calling out.
>
> Most firewalls are very lazily configured to let everything out and
> anything related back in.
>
But this would not be of that kind. This would be a program which is
listening on a port - a server. It isn't a client initiating a
connection out and getting a reply back. So the firewall would block
the inbound connection as it's a new one.
Agreed, though, if the program made a connection out and expected the
reply to be coming in, then yes, many a firewall would let that reply
back in.
> If you are alert enough to add restrictions, then you likely wouldn't
> have the malware installed in the first place!
>
Red Hat used to have an option (when I used it years ago) to install a
firewall as default. I'm sure the current FC ones do too; it surprises
me Ubuntu doesn't at least give an option for one.
> > Unlikely, but entirely possible.
>
> And likely even with a fully secured firewall, you've left port 80 open
> so that you can surf the web... Hence the firewall is still superfluous
> other than adding a few restrictions and adding to the admin overheads.
>
As I have outlined, I disagree.
> Next?
>
Nice. :(
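
The distinction argued over in this message (a NEW inbound connection to a listening program versus a reply to a connection the host opened itself) can be modelled in a few lines. This is an added example, not part of the original post; the addresses, ports and the StatefulFirewall class are constructed for illustration and are not any real firewall's API.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed addresses and ports, for illustration only.
HOST = "192.0.2.10"      # the desktop behind the firewall
REMOTE = "198.51.100.7"  # any machine on the internet

@dataclass
class StatefulFirewall:
    """Toy connection tracker: default-deny inbound, allow replies."""
    allowed_out_ports: Optional[set] = None          # None = "let everything out"
    open_in_ports: set = field(default_factory=set)  # services deliberately exposed
    _flows: set = field(default_factory=set)         # (src, sport, dst, dport)

    def outbound(self, sport, dst, dport):
        if self.allowed_out_ports is not None and dport not in self.allowed_out_ports:
            return "DROP"                   # egress rule blocks the call out
        self._flows.add((HOST, sport, dst, dport))
        return "ACCEPT"

    def inbound(self, src, sport, dport):
        if (HOST, dport, src, sport) in self._flows:
            return "ACCEPT"                 # reply to a connection we initiated
        if dport in self.open_in_ports:
            return "ACCEPT"                 # NEW connection to an exposed service
        return "DROP"                       # NEW connection, no rule: blocked

def scenarios():
    lazy = StatefulFirewall()               # everything out, related back in
    strict = StatefulFirewall(allowed_out_ports={53, 80, 443})
    return {
        # Unwanted program listening on port 5555: NEW inbound is dropped.
        "inbound_to_listener": lazy.inbound(REMOTE, 40000, 5555),
        # Browser connects out to port 80 and the reply is let back in.
        "browse_out": lazy.outbound(50000, REMOTE, 80),
        "browse_reply": lazy.inbound(REMOTE, 80, 50000),
        # Same remote and source port 80, but no matching flow: dropped.
        "unsolicited_from_80": lazy.inbound(REMOTE, 80, 50001),
        # Unwanted program calling out to port 6000: only egress rules stop it.
        "call_out_lazy": lazy.outbound(50002, REMOTE, 6000),
        "call_out_strict": strict.outbound(50002, REMOTE, 6000),
    }

if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name:22} {verdict}")
```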