Hi Roberto,
Blocking incoming and forwarded traffic would probably not be surprising
to many people. However, blocking outgoing traffic would be exceedingly
confusing to many people.
Yep. Totally agreed.
https://www.debian.org/doc/manuals/debian-handbook/security.en.html
Thanks.
While there is possibly an argument that not configuring a firewall by
default introduces some vulnerability, it is equally valid to argue that
there are no sensible default firewall policies that can be put into
place without a defined threat model.
I suspect that the vast majority of people deploying systems are doing
so behind some sort of device that provides border security to the local
network (e.g., router/firewall/NAT/etc.). So, if the default threat
model is "a relatively trusted network with adequate border security"
then the current default is appropriate.
Those who deploy systems directly to a location where they are in
immediate contact with the public Internet should already understand the
ramifications of that decision and tailor their installation process
accordingly.
I don't disagree.
Thanks,
Subhadip