security

J.A. Neitzel jan.listbox at belvento.org
Mon Oct 8 10:57:30 PDT 2001


Joachim Blaabjerg wrote:
> I'm just curious... A lot of people here has started talking about portmap,
> inetd, mountd, ftpd, telnetd and so on... Didn't mr. Belford say he used
> his machine as a basic workstation (based on LFS)? Is it likely that he has
> installed portmapd and inetd just for fun? I guess my point here is:
> If `netstat -l` shows nothing when you're connected to the internet and X
> is running and everything, you're rather safe. Start X with the `-nolisten
> tcp` argument to be sure, and, if you really want to, set up a
> iptables/ipchains/whatever firewall script.
> I'm usually quite paranoid too, but a basic workstation with no open ports
> is (IMHO) not likely exposed to any great risks of being compromized on the
> 'net.
> 
> Just my two cents

This is *usually* what I think too... Most of what I try to do would
probably fall under the "Occam's Razor" principle. It hasn't killed
me yet ;) Of course, everything has its place. I've never monitored
my home machine yet to see whether someone on the net tries to scan
me BTW. And, at work, someone else deals with these issues.

Sir Belford didn't tell us he used "inetd just for fun". I guess we
assumed too much. I wonder...

Hmmm, what is the relation between paranoia vs. Occam's Razor???
This is just a rhetorical question BTW.
-- 
Jeff

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message



More information about the blfs-support mailing list