[clug-talk] OT: Discuss: really need a firewall?

Darren L xlr8me at gmail.com
Thu Apr 6 16:25:48 PDT 2006


And this, IMHO, is why one distro will never appeal to every user.

You are obviously a power user, and know more than enough about adminning
your own box, so I wouldn't even expect you to ever run without a firewall.


I'm coming from the perspective thinking that the average user loads a
computer, plays a game here and there, and uses the web to check email and
update their blog.  There are a billion ways that a computer can get
compromised -  obviously ubuntu has had to make some sacrifices to meet the
deadlines that they set for themselves, and I would hope that people that go
ahead and install services that listen on various on a machine directly
connected to the web would also know to install a firewall or just manage
iptables.

I'm far from an expert in the matter, but I give the ubuntu devs the benefit
of the doubt with their rationale that no services is fairly secure.  It's
not like they pretend that a firewall is not necessary, it's well documented
within their serverguide wiki.

I'm sure that if you took some time and decided to go ahead and package it
up, it would go far in the ubuntu community.



On 4/6/06, Aaron J. Seigo <aseigo at kde.org> wrote:
>
> On Thursday 06 April 2006 13:27, Darren L wrote:
> > to dapper (obviously).  IIRC, ubuntu doesn't have any ports open on the
> > default setup, so one would have to go through and enable services,
> wherein
>
> ... or run any app that opens a port for listening. very common on windows
> desktop systems, though not unheard of in the open source world either.
> this
> is, at best, a "well, it's not a -big- problem" response.
>
> > Besides, these days, almost everyone is behind a NAT, at the least.
>
> yes, like when i'm in the coffee shop connected to their wireless or at
> the
> airport waiting for a plane or ... hold on! ;) for laptop users, assuming
> a
> safe environment is completely wrongheaded. in public places, i just love
> firing up remote:/ in konqueror and clicking on "Network Services" to see
> who's running zeroconf and what they're advertising ... surprising
> sometimes
> what pops up.
>
> and of course many home users still connect directly to the
> cable/ADSL/analog
> modem for connectivity.
>
> while not having a firewall set up by default is forgiveable (just install
> guarddog, click a few buttons, voila!), the rationale given is a cop out.
> reality seems to be they just didn't have the time to devote to this, and
> given how complex putting a distro together is that's not surprising or
> unexpected. but let's not make excuses.
>
> --
> Aaron J. Seigo
> GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA  EE75 D6B7 2EB1 A7F1 DB43
>
> Full time KDE developer sponsored by Trolltech (http://www.trolltech.com)
>
>
> _______________________________________________
> clug-talk mailing list
> clug-talk at clug.ca
> http://clug.ca/mailman/listinfo/clug-talk_clug.ca
> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
> **Please remove these lines when replying
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://clug.ca/pipermail/clug-talk_clug.ca/attachments/20060406/f2a7c602/attachment-0001.htm


More information about the clug-talk mailing list