On Sun, Apr 27, 2025 at 11:53 AM David King <d...@daveking.com> wrote:
> On 4/27/25 1:05 AM, Marco Moock wrote: > > On Sat, 26 Apr 2025 16:37:38 -0600 home user via users > > <users@lists.fedoraproject.org> wrote: > > > >> I have no services running, as far as I know. I did not install any. > > Then there is not need for a router, NAT or anything else. > > I would disagree. Operating systems have flaws that hackers can > exploit. If a computer is connected directly to the internet then > hackers can exploit those flaws, regardless of what you may or may not > having running on the machine. Defense in depth is a security best > practice. If you want decent security, then a router that provides a > private intranet with NAT and firewall software on the workstation are > only prudent. > NAT is not recommended for IPv6. < https://security.stackexchange.com/questions/44065/with-ipv6-do-we-need-to-use-nat-anymore > is a helpful discussion. This includes a recommendation to configure IPv6 firewall: "The rules for forwarded traffic can be summed up in three ip6tables commands (default deny, allow from local, allow established/related)". -- George N. White III
-- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
