On Sun, Dec 8, 2013 at 9:56 AM, Riku Valli <[email protected]> wrote:
> That's true, but if we are speaking about firewall rules. Every rule where
> source, destination or ports are any means that rule and firewall is in
> most cases useless, and this is true most of the time on a laptop/desktop.
>
> When somebody gains root access via a vulnerability and this kind of rule,
> he/she owns your host and firewall.
>
> A normal Debian installation uses only the avahi/mdns port udp 5353. Others,
> for example cups, listen only on localhost, but most users install sshd, which
> isn't installed by default. Exim asks which kind of configuration, but the
> default is to listen only on localhost. That is what tasksel offers at default
> installation.
>
> <sarcasm>
> If you don't trust your own host, I recommend using snort, aide, policykit
> or selinux or apparmor and audit at least with your firewall :)
> </sarcasm>

Security in depth is always useful. You'll always have risks of
someone finding a way to go around the security you've put in place.
You just want to make it as hard as possible in an adequate amount of
time.

-- 
Jérémie MARGUERIE

