Web lists-archives.com

Re: Why does Debian allow all incoming traffic by default




Le 22/09/2018 à 13:31, Dan Ritter a écrit :
On Sat, Sep 22, 2018 at 12:55:24PM +0200, Pascal Hambourg wrote:
I do not see how all this replies to my question :

This comment was intended to Gene Heskett.

Why should only TCP inbound responses be allowed ? What about UDP-based
protocols, ping replies (ICMP echo reply), ICMP error messages, and so on ?

Given that my entire point was that no firewall policy other
than "configure it yourself" will work, it's really you missing
the point to expect me to describe a complete firewall policy tuned
to your desires.

It does not matter what you entire point was, and I do not expect you to describe a complete firewall policy. *You* exposed a supposedly default firewall policy which I happened to find questionable, so I questioned it.

You would not have exposed a broken firewall policy on purpose in order to prove your point, would you ?