Re: Why does Debian allow all incoming traffic by default
- Date: Fri, 21 Sep 2018 09:02:26 +0530
- From: Subhadip Ghosh <subhadip.sky@xxxxxxxxx>
- Subject: Re: Why does Debian allow all incoming traffic by default
On Friday 21 September 2018 08:51 AM, Roberto C. Sánchez wrote:
On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
I am using Debian and the recently I learned that a standard Debian
installation allows all 3 types of traffics especially incoming by default.
What do you mean by "all 3 types of traffics"?
Incoming, Outgoing and Forward
But does it make the system more vulnerable in any way to attacks over
the network? And how will a new Debian user would know of this
behaviour? I don't even see it mentioned on the Stretch Installation
I know I can easily use iptables to tighten the rules but I wanted to know
the reasons behind the choice of this default behaviour and if it makes the
system more vulnerable?
The behavior you observe is likely because that is the best default that is
Search engines (Google and Duckduckgo). Search terms were similar to the
email subject line. I also read the wiki on Debian Firewall where it
says about the choice of defaults but not the reasons.
I tried searching on the Internet but did not get
any satisfactory explanation. It will be helpful if anybody knows the
answers to my questions or can redirect me to a helpful document.
Where did you search or what terms did you use?