[PLUG] iptables On Default Installs?
Anderson, Rob (Global Trade)
Rob.Anderson at nike.com
Wed May 5 09:48:02 UTC 2004
> I was pondering "sasser" just now, briefly, as I emailed my old man,
> telling him 'Doze users running ZoneAlarm shouldn't be
> affected; though
> I'm not absolutely certain that's true.
>
> Anyway, assuming this sort of attack is blocked by a good
> firewall (yes,
> and not running unneeded services, etcetera), I'm wondering if distros
> like Fedora and Mandrake are installing with a default iptables
> configuration of any kind. (For, if I say Linux users are better off
> for security, it isn't because their ports are nicely sealed; to the
> contrary, it can be argued they are better off only because
> they are not
> running the poopular OS.) If I recommend the Linux on the desktop for
> this reason, people might expect it to solve the firewall problem, but
> does it?
>
> It could be a simple matter of adding a startup script or something,
> which is still better than installing ZoneAlarm on Winders. But with
> Gentoo I had to write my own iptables script, which is not an end user
> type thing.
There are various UIs and script for generating iptables scripts. Still not quite an end user type thing, but certainly a sysadmin type thing.
-Rob A
More information about the PLUG
mailing list