List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
Am Samstag, 4. Februar 2006 13:50 schrieb mir Jon Mitchell:
> The current behaviour of a default Gentoo install is to load iptables
> after the network has been initialised. Upon shutting down likewise
> iptables is shutdown then the network interface. This strikes me as
> presenting a window of opportunity when the computer is exposed
> without iptables, albeit a small one.
> Do people on this list think there is any value in re-arranging this
> order by default?
No this doesn't offers a hole, when no service is running and routing is
deactivated. So all services have to be started after iptables rules.
Same for routing.
Iptables doesn't have to protect the TCP/IP stack but a network behind
the host or services on that host.
firstname.lastname@example.org mailing list