On Mon, 2010-12-06 at 10:54 +0100, Michał Piotrowski wrote: > On most desktop systems firewall is not needed. Many users do not even > know how to configure it. In fact I disable it in most of my systems, > because there is no real use for it. So I asked a simple question > whether there is a need to install iptables by default? > > Your answer is not satisfactory for me - because not configured > firewall has nothing to do with security. In fact, it can only bring > false sense of security.
I believe the default is to block incoming connections except for a few services. This is good if you are running a sloppily written single-user server that binds to the wildcard address. The Haskell Scion server fell in this category as of August 2009; I didn't look to see what a remote user might be able to do to me by connecting to it. Yes, the proper way to avoid problems is to bind to localhost, but the firewall can be nice. -- Matt -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
