Cups vulnerability

Matthew Burgess matthew at
Tue Jul 6 11:59:53 PDT 2004

On Tue, 06 Jul 2004 20:57:30 +0000
dienadel <no at> wrote:

> Miguel Bazdresch wrote:
> >>From the perspective of the local machine, port 631 must be open and
> > listening. That is unavoidable. You can, however, block it from the
> > internet and from the LAN without blocking it from the local
> > machine. That's what I do. The key is to mix and match your chains
> > and your interfaces.
> > 
> > HTH,
> > 
> thanks,
> that's exactly what i have: a single PC with a single (only for local
> use) printer.
> I'll desactivate CUPS as a service until learn more about IPTABLES.
> But, until that'll happen  my father and brother won't have printer
> for.
> Any little and quick help? :-( please

Yep, go check out BLFS for their personal firewall script.  That should
get you pretty much sorted.  The only problem you'll have then is if you
*need* to open up services to the outside world, but at least you'll be
denying everything by default which is the only sane approach.



More information about the hlfs-dev mailing list