Re: Why does Debian allow all incoming traffic by default
- Date: Sun, 23 Sep 2018 22:54:25 +0100
- From: Brian <ad44@xxxxxxxxxxxxxxx>
- Subject: Re: Why does Debian allow all incoming traffic by default
On Sun 23 Sep 2018 at 21:59:38 +0100, Joe wrote:
> On Sun, 23 Sep 2018 18:58:07 +0100
> Brian <ad44@xxxxxxxxxxxxxxx> wrote:
> > On Sun 23 Sep 2018 at 00:05:58 +0100, mick crane wrote:
> > > On 2018-09-21 18:29, Subhadip Ghosh wrote:
> > > Debian is a Universal OS.
> > > >
> > > > I wouldn't say whatever you said, doesn't make sense. I wish there
> > > > were an easier way to know about it when I started using the OS,
> > > > something to warn me that I need to configure the firewall to
> > > > suit my needs. Maybe because I came from a different OS where the
> > > > defaults were stricter, my expectations about the defaults were
> > > > different.
> > >
> > > fell foul of this years ago. installed OS, naively went on IRC
> > > while looking about at what was installed.
> > > "oh, I seem to have ports open"
> > > 20 seconds later somebody took over my account"
> > Tough.
> > > Rapidly pulls cable and reinstalls.
> > And never used IRC again. :)
> > > Some sort of a warning during installation.
> > > "there is no firewall running, You should probably set up some
> > > rules"
> > >
> > > would be helpful.
> > The ordinary user's eyes would glaze over. The installation process is
> > ok as it is.
> There are firewall applications which can produce fairly sensible
> defaults painlessly, towards which a hint might be made. If you need
> more control, learn iptables early, you will eventually anyway.
Such applications exist. They have never been part of a default
installation of Debian or ever mentioned. Deduce from that what
iptables is available. I've never needed to use it. The vast
majority of users won't need it either.