On Sun, 2020-02-23 at 09:56 +0800, Ed Greshko wrote: > your IPv4 address is also a Public IP address the same way the IPv6 > address is. Directly connected to the Internet with no NAT. Also, > your modem does not have an internal Firewall. Therefore, the > firewall on your system is vital.
I'd say it's even *more* vital that if you run any services (SSH, mail, FTP, HTTP, DNS, etc), that you configure them securely, than rely on a firewall to protect them. e.g. If you ran a test webserver, but didn't intend to serve it to the WWW, then you'd configure the test webserver to only listen to internal addresses/interfaces. Likewise with any other server that you don't intend to be externally accessible. I've watched someone (albeit on Windows) get hacked 4 seconds after connecting to the internet, several times in a row. But the principal's the same, no matter what OS (flaws exist that you don't know about). And asshats are continually trying to get it. Dropping a firewall to test something is something that a lot of people will do, but isn't something you'd want to do if you couldn't trust all your services to protect themselves. And there's no safe time period that you can get away with momentarily dropping one. -- uname -rsvp Linux 3.10.0-1062.12.1.el7.x86_64 #1 SMP Tue Feb 4 23:02:59 UTC 2020 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
