On Thu, 17 Mar 2005 13:52:23 +0100, Florian Weimer <[EMAIL PROTECTED]> wrote: >* Marc Haber: >> I am routinely running systems without any packet filtering capability >> on the network, and they are perfectly able to cope. They just only >> accept network connections for needed services. > >This is a bit dangerous because any invocation of "apt-get install" or >"apt-get upgrade" can start new server daemons.
I do not do that when I am directly on the 'net. otoh, policy-rc.d exists, but is a little clumsy to use these days (remedy is in NEW). Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834