It might be a good idea, then, to configure ip6tables to deny everything
and enable it just to be sure.
And this is one of the reasons that firewalld has come about... The same
rule (unless it specifies a family or has addressees in the rule of that
family) gets applied to both protocols.
Am 14.07.2013 00:33, schrieb David Beveridge:
On Sat, Jul 13, 2013 at 2:36 AM, Reindl Harald h.rei...@thelounge.net wrote:
coming up with a link-local address inside a network
which is *pure ipv4* on a server means *any* random
device which does the same may bypass all your firewall
rule
Am 14.07.2013 08:53, schrieb James Hogarth:
It might be a good idea, then, to configure ip6tables to deny everything and
enable it just to be sure.
And this is one of the reasons that firewalld has come about... The same rule
(unless it specifies a family or has
addressees in the rule of
this is childish
there is a difference between well aware ipv4 and
all sorts of firewalls and proctections configured
or startup in a network with ipv6 enabled without
knowing it or not configured at all
coming up with a link-local address inside a network
which is *pure ipv4* on a server means
On Sat, Jul 13, 2013 at 2:36 AM, Reindl Harald h.rei...@thelounge.net wrote:
this is childish
there is a difference between well aware ipv4 and
all sorts of firewalls and proctections configured
or startup in a network with ipv6 enabled without
knowing it or not configured at all
coming up
The question, should IPv6, be disabled by default, is asked of people of
the user list.
At the moment, I am on the fence.
Is there a compromise where, during the Fedora install, when the person is
asked for some network information and asked for time zone and root
password, can the question be
On 07/12/2013 09:36 AM, Reindl Harald wrote:
coming up with a link-local address inside a network
which is*pure ipv4* on a server means *any* random
device which does the same may bypass all your firewall
rule ssince iptables and ip6tables are two different
services
It might be a good idea,
If you got scared, why not keep the entire network down?
If you want it, sure you can enable it ;-)
Enjoy your weekend.
-Original Message-
From: users-boun...@lists.fedoraproject.org
[mailto:users-boun...@lists.fedoraproject.org] On Behalf Of Fernando Lozano
Sent: Friday, July 12, 2013
On Fri, 12 Jul 2013, j.witvl...@mindef.nl wrote:
If you got scared, why not keep the entire network down?
If you want it, sure you can enable it ;-)
That is what I do.
If I'm using my computer and need internet access,
I just click on the start-listening icon.
Said icon then becomes a
Hi,
If you got scared, why not keep the entire network down?
If you want it, sure you can enable it ;-)
By your reasoning, Fedora doesn't need to provide secure installation
defaults. Anyone could craft their own iptables rules and selinux
policies if they feed a need for better security.
10 matches
Mail list logo