Hello Martin,
Wednesday, March 07, 2001, 1:05:17 AM, you wrote:
MM> there is no argument for making 'Weak ES Model' default. Including
Catch one: changing the security model will create additional unwanted
work for administrators. A situation where a multihomed host has
services bound to all interfaces is more common than a situation where
a multihomed host has services bound to a single interface. I do not
consider myself a guru on this question, but I do not see enough
security risk in this problem to change the default behavior,
essentially for multihomed hosts. Nevertheless, it would be nice to
have a configuration option, something like "disable internal routing".
MM> the fact that almost no current
MM> Security-HOWTO's/Firewall-HOWTO's/Networking-HOWTO's don't discuss
MM> that topic ...
That's a good reason to update the HOWTOs. They MUST discuss this topic
regardless of the results of this flame. The Linux HOWTOs should have
been updated a long time ago, because they are incomplete and miss a
lot of key points. Example:

Firewall-HOWTO from www.linux.org, Updated: February 2000, IP
filtering setup (IPFWADM and IPCHAINS) section. The demo rules give a
false sense of security, because an external hacker can access the
whole network over UDP using source port 53 (the destination port is
never checked) and all unprivileged TCP ports using source port 80
(the connection is not checked to be established). Nearly the same
problem exists in the Linux IPCHAINS-HOWTO.

Sorry if I chose the wrong source for getting the HOWTOs - I'm not from
the Linux world.
MM> Have a nice day
--
~/3APA3A
The trouble begins at eight. (Twain)
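
Added example (not part of the original message and not taken from any HOWTO): a small audit of stateless inbound rules for the two weaknesses named above, accepting on source port alone and not excluding new TCP connections. The Rule/Packet model, the field names and both rule sets are constructed for illustration and are not ipchains or ipfwadm syntax.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

Range = Tuple[int, int]

@dataclass
class Rule:                          # hypothetical model of one inbound filter rule
    proto: str                       # "tcp" or "udp"
    sport: Optional[Range] = None    # None = any source port
    dport: Optional[Range] = None    # None = any destination port
    no_syn: bool = False             # TCP only: do not match connection-opening packets
    action: str = "ACCEPT"

@dataclass
class Packet:
    proto: str
    sport: int
    dport: int
    syn: bool = False                # True for a TCP connection-opening packet

def _in(rng, port):
    return rng is None or rng[0] <= port <= rng[1]

def matches(rule, pkt):
    if rule.proto != pkt.proto or not _in(rule.sport, pkt.sport) or not _in(rule.dport, pkt.dport):
        return False
    return not (rule.no_syn and pkt.syn)

def verdict(rules, pkt, policy="DENY"):
    """First matching rule wins; otherwise the chain policy applies."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return policy

def audit(rules):
    """Flag ACCEPT rules that trust the remote source port alone."""
    findings = []
    for i, r in enumerate(rules):
        if r.action != "ACCEPT" or r.sport is None:
            continue
        if r.dport is None:
            findings.append((i, "destination port not restricted"))
        if r.proto == "tcp" and not r.no_syn:
            findings.append((i, "new connections (SYN) not excluded"))
    return findings

# Constructed rule sets: the pattern criticised above, and a tighter variant.
WEAK = [Rule("udp", sport=(53, 53)), Rule("tcp", sport=(80, 80), dport=(1024, 65535))]
TIGHT = [Rule("udp", sport=(53, 53), dport=(1024, 65535)),
         Rule("tcp", sport=(80, 80), dport=(1024, 65535), no_syn=True)]
```

The tighter variant still admits UDP from source port 53 to unprivileged ports, which is a limit of stateless filtering rather than of the rule wording.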