Am 14.07.2013 08:53, schrieb James Hogarth:
>> It might be a good idea, then, to configure ip6tables to deny everything and
>> enable it just to be sure.
>
> And this is one of the reasons that firewalld has come about... The same rule
> (unless it specifies a family or has
> addressees in the
Am 14.07.2013 00:33, schrieb David Beveridge:
> On Sat, Jul 13, 2013 at 2:36 AM, Reindl Harald wrote:
>> coming up with a "link-local" address inside a network
>> which is *pure ipv4* on a server means *any* random
>> device which does the same may bypass all your firewall
>> rule since iptables
>
>
> It might be a good idea, then, to configure ip6tables to deny everything
and enable it just to be sure.
>
And this is one of the reasons that firewalld has come about... The same
rule (unless it specifies a family or has addressees in the rule of that
family) gets applied to both protocols.
On 07/12/2013 09:36 AM, Reindl Harald wrote:
coming up with a "link-local" address inside a network
which is*pure ipv4* on a server means *any* random
device which does the same may bypass all your firewall
rule ssince iptables and ip6tables are two different
services
It might be a good idea,
The question, should IPv6, be disabled by default, is asked of people of
the user list.
At the moment, I am on the fence.
Is there a compromise where, during the Fedora install, when the person is
asked for some network information and asked for time zone and root
password, can the question be po
On Sat, Jul 13, 2013 at 2:36 AM, Reindl Harald wrote:
> this is childish
>
> there is a difference between well aware ipv4 and
> all sorts of firewalls and proctections configured
> or startup in a network with ipv6 enabled without
> knowing it or not configured at all
>
> coming up with a "link-l
this is childish
there is a difference between well aware ipv4 and
all sorts of firewalls and proctections configured
or startup in a network with ipv6 enabled without
knowing it or not configured at all
coming up with a "link-local" address inside a network
which is *pure ipv4* on a server means
Hi,
If you got scared, why not keep the entire network down?
If you want it, sure you can enable it ;-)
By your reasoning, Fedora doesn't need to provide secure installation
defaults. Anyone could craft their own iptables rules and selinux
policies if they feed a need for better security. And
On Fri, 12 Jul 2013, j.witvl...@mindef.nl wrote:
If you got scared, why not keep the entire network down?
If you want it, sure you can enable it ;-)
That is what I do.
If I'm using my computer and need internet access,
I just click on the start-listening icon.
Said icon then becomes a stop-lis
If you got scared, why not keep the entire network down?
If you want it, sure you can enable it ;-)
Enjoy your weekend.
-Original Message-
From: users-boun...@lists.fedoraproject.org
[mailto:users-boun...@lists.fedoraproject.org] On Behalf Of Fernando Lozano
Sent: Friday, July 12, 2013 5
10 matches
Mail list logo