As a matter of fact, on my local network, I have no problem leaving inbound connections open as well, because firewalling is provided by my router. When you look at early litterature, a firewall was at first a network configuration, not an application or a kernel module.
Yes, that`s why distribution now ships with less strict configurations. System daemons are thighly controlled, but end-user stuff is much more relaxed.
I would also like to say that I spend most of my days writing software that use network connections,
so I would constantly be tweeking that damn firewall if I was using this kind off configuration.
I have to add that some of this stuffed is handled by SELinux.
If you wan't an CGI script to be able to send an email on a
Red Hat derivative, you have to explicitly add the rule to your SELinux configuration
If you run applications that are included with your distribution, it is pretty safe to assume that they don't have to be blocked.
If you run third-party applications, you will probably want to allow them to do their job and let them open wathever outbound
connection they want to.
Most user will allow anything anyway. Most people don't know enough to be able to decide what to permit.
Ok, seems like you're trying to do things the windows way,
i.e. blocking outbound connections based which application is
running.
Things are not done that way on Linux.
Outbound connections are open and most of us are fine
with it.
First Apple product was the Apple computer.
They built a better KIM-1 or a cheaper Altair.
Next the built the Apple II.
Big innovation (from Jobs) was the plastic case.
Now they sue someone else for round corners.
Yes, the Apple Reality Distortion Field is still working.
By the way, I love Woz, he was the real guy.
Craig Mundie
Chief Research and Strategy Officer
Microsoft Corporation
I thing Microsoft is tired of not being in the top500.
They will promote new benchmarks instead of the ones
that make them look bad.
And there are rumours on Windows for ARM on servers.
I say Mr. Mundie, I can see what your strategy is all about...
Because the whole story is bullshit.
The "security" vendor wants to scare people, so they can sell more antivirus crap.
These people are afraid that their business model is dying (and it is).
They want you to think that disclosing vulnerabilities is bad,
they want you to think that open source sites are vulnerable,
they want you to think that security is something that can
be bought by the pound (or the kilogram).
Plus this kind of story helps Microsoft showing that Google is evil.
What they are doing is creating a weapon.
They won't go after Red Hat directly,
so they will loose a bunch of lawsuits against patent trolls,
and let the trolls try to go after Red Hat in hope that
Red Hat won't survive the multiple lawsuits.
Then they will have convince the word that Linux
is fragile because stupid software patents.
Slashdot Mirror
As a matter of fact, on my local network, I have no problem leaving inbound connections open as well, because firewalling is provided by my router. When you look at early litterature, a firewall was at first a network configuration, not an application or a kernel module.
That's the whole point
Yes, that`s why distribution now ships with less strict configurations. System daemons are thighly controlled, but end-user stuff is much more relaxed.
Because the malware situation on Windows got out of hand because of poor initial security decisions.
I would also like to say that I spend most of my days writing software that use network connections, so I would constantly be tweeking that damn firewall if I was using this kind off configuration.
Sorry I meant stuff, not stuffed
I have to add that some of this stuffed is handled by SELinux. If you wan't an CGI script to be able to send an email on a Red Hat derivative, you have to explicitly add the rule to your SELinux configuration
You got me there. Those are really convincing arguments. You`re the man!
If you run applications that are included with your distribution, it is pretty safe to assume that they don't have to be blocked. If you run third-party applications, you will probably want to allow them to do their job and let them open wathever outbound connection they want to. Most user will allow anything anyway. Most people don't know enough to be able to decide what to permit.
Ok, seems like you're trying to do things the windows way, i.e. blocking outbound connections based which application is running. Things are not done that way on Linux. Outbound connections are open and most of us are fine with it.
Sorry, no Yoda in episode IV. Yoda appeard in Episode V.
nuf said
That's exactly what those supercomputer are, Linux clusters.
Think not.
First Apple product was the Apple computer. They built a better KIM-1 or a cheaper Altair. Next the built the Apple II. Big innovation (from Jobs) was the plastic case. Now they sue someone else for round corners. Yes, the Apple Reality Distortion Field is still working. By the way, I love Woz, he was the real guy.
Craig Mundie Chief Research and Strategy Officer Microsoft Corporation I thing Microsoft is tired of not being in the top500. They will promote new benchmarks instead of the ones that make them look bad. And there are rumours on Windows for ARM on servers. I say Mr. Mundie, I can see what your strategy is all about...
Please take a look at those: http://bethstepsup.blogspot.com/ http://planet.laptop.org/
Because the whole story is bullshit. The "security" vendor wants to scare people, so they can sell more antivirus crap. These people are afraid that their business model is dying (and it is). They want you to think that disclosing vulnerabilities is bad, they want you to think that open source sites are vulnerable, they want you to think that security is something that can be bought by the pound (or the kilogram). Plus this kind of story helps Microsoft showing that Google is evil.
What they are doing is creating a weapon. They won't go after Red Hat directly, so they will loose a bunch of lawsuits against patent trolls, and let the trolls try to go after Red Hat in hope that Red Hat won't survive the multiple lawsuits. Then they will have convince the word that Linux is fragile because stupid software patents.