Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Oliver Schad <o.schad@...>
Subject: Re: iptables window of opportunity at startup
Date: Sat, 4 Feb 2006 18:22:39 +0100
Am Samstag, 4. Februar 2006 13:50 schrieb mir Jon Mitchell:
> The current behaviour of a default Gentoo install is to load iptables
> after the network has been initialised. Upon shutting down likewise
> iptables is shutdown then the network interface. This strikes me as
> presenting a window of opportunity when the computer is exposed
> without iptables, albeit a small one.
>
> Do people on this list think there is any value in re-arranging this
> order by default?

No this doesn't offers a hole, when no service is running and routing is 
deactivated. So all services have to be started after iptables rules. 
Same for routing.

Iptables doesn't have to protect the TCP/IP stack but a network behind 
the host or services on that host.

Best regards
Oli
-- 
gentoo-security@g.o mailing list


Replies:
Re: iptables window of opportunity at startup
-- Jon Mitchell
Re: iptables window of opportunity at startup
-- Staffan Emrén
References:
iptables window of opportunity at startup
-- Jon Mitchell
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: iptables window of opportunity at startup
Next by thread:
Re: iptables window of opportunity at startup
Previous by date:
Re: iptables window of opportunity at startup
Next by date:
Re: iptables window of opportunity at startup


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.