Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Thierry Carrez <koon@g.o>
Subject: Re: iptables window of opportunity at startup
Date: Tue, 07 Feb 2006 19:08:05 +0100
Jon Mitchell wrote:

> The current behaviour of a default Gentoo install is to load iptables
> after the network has been initialised. Upon shutting down likewise
> iptables is shutdown then the network interface. This strikes me as
> presenting a window of opportunity when the computer is exposed without
> iptables, albeit a small one.
> 
> Do people on this list think there is any value in re-arranging this
> order by default?

Yes I do.

Bug 76624 was trying to push that change for shorewall, maybe it's time
to reactivate it with broader scope.

-- 
Thierry Carrez (Koon)
Gentoo Linux Security
-- 
gentoo-security@g.o mailing list


References:
iptables window of opportunity at startup
-- Jon Mitchell
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: iptables window of opportunity at startup
Next by thread:
AMD64 + Hard Drive weirdness...
Previous by date:
Re: iptables window of opportunity at startup
Next by date:
Re: iptables window of opportunity at startup


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.