List Archive: gentoo-security
On Saturday, 4 February 2006 13:50, Jon Mitchell wrote to me:
> The current behaviour of a default Gentoo install is to load iptables
> after the network has been initialised. Upon shutting down likewise
> iptables is shut down then the network interface. This strikes me as
> presenting a window of opportunity when the computer is exposed
> without iptables, albeit a small one.
>
> Do people on this list think there is any value in re-arranging this
> order by default?
No, this doesn't offer a hole when no service is running and routing is
deactivated. So all services have to be started after iptables rules.
Same for routing.
Iptables doesn't have to protect the TCP/IP stack but a network behind
the host or services on that host.
Best regards
Oli
--
gentoo-security@g.o mailing list
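
The condition given in the reply above (no service listening, routing deactivated) can be checked at the point just before the iptables rules are loaded. The script below is an added example, not part of the original thread; the function names and the `ss -Hltn` input format (field 4 is the local address:port) are assumptions, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example. Live use (assumed tooling: iproute2 ss, Linux /proc):
#   ss -Hltn | window_status "$(cat /proc/sys/net/ipv4/ip_forward)"

# Print local addresses of TCP listeners reachable from off-host,
# i.e. anything not bound to 127.0.0.0/8 or ::1. Reads ss output on stdin.
exposed_listeners() {
    awk '$1 == "LISTEN" {
        addr = $4
        if (addr ~ /^127\./ || addr ~ /^\[::1\]:/) next
        print addr
    }'
}

# window_status <ip_forward value>, ss output on stdin.
# Prints "closed" when nothing listens off-loopback and forwarding is off,
# otherwise "open:" plus the reasons. Exit status: 0 = closed, 1 = open.
window_status() {
    forward=$1
    listeners=$(exposed_listeners)
    reasons=""
    if [ "$forward" = "1" ]; then
        reasons="routing"
    fi
    if [ -n "$listeners" ]; then
        reasons="${reasons:+$reasons,}services"
    fi
    if [ -z "$reasons" ]; then
        echo "closed"
        return 0
    fi
    echo "open:$reasons"
    return 1
}

# Constructed sample: sshd bound to all interfaces, CUPS on loopback only.
SAMPLE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*'

# With forwarding off, only the sshd listener keeps the window open.
printf '%s\n' "$SAMPLE" | window_status 0 || true
```
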