Web lists-archives.com

Re: Why does Debian allow all incoming traffic by default




On Sun, 23 Sep 2018 18:58:07 +0100
Brian <ad44@xxxxxxxxxxxxxxx> wrote:

> On Sun 23 Sep 2018 at 00:05:58 +0100, mick crane wrote:
> 
> > On 2018-09-21 18:29, Subhadip Ghosh wrote:
> >  Debian is a Universal OS.  
> > > 
> > > I wouldn't say whatever you said, doesn't make sense. I wish there
> > > were an easier way to know about it when I started using the OS,
> > > something to warn me that I need to configure the firewall to
> > > suit my needs. Maybe because I came from a different OS where the
> > > defaults were stricter, my expectations about the defaults were
> > > different. 
> > 
> > fell foul of this years ago. installed OS, naively went on IRC
> > while looking about at what was installed.
> > "oh, I seem to have ports open"
> > 20 seconds later somebody took over my account"  
> 
> Tough.
> 
> > Rapidly pulls cable and reinstalls.  
> 
> And never used IRC again. :)
> 
> > Some sort of a warning during installation.
> > "there is no firewall running, You should probably set up some
> > rules"
> > 
> > would be helpful.  
> 
> The ordinary user's eyes would glaze over. The installation process is
> ok as it is.
> 

There are firewall applications which can produce fairly sensible
defaults painlessly, towards which a hint might be made. If you need
more control, learn iptables early, you will eventually anyway.

-- 
Joe