Web lists-archives.com

Re: Why does Debian allow all incoming traffic by default




Le 21/09/2018 à 19:09, Dan Ritter a écrit :

Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:

     - outbound: permit
     - forward: deny
     - inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
       response to an outbound packet

Why should unsolicited NTP, DHCP and DNS inbound packets be allowed ?

Why should only TCP inbound responses be allowed ? What about UDP-based protocols, ping replies (ICMP echo reply), ICMP error messages, and so on ?