Le 23/09/2018 à 10:41, Joe a écrit :
On Sat, 22 Sep 2018 17:07:59 +0200
Pascal Hambourg wrote:
PPTP does require specific NAT support for the GRE protocol.
Use case : two clients of the same PPTP server share the same public
IP address.
It doesn't work, see below.
It can work if and only i
On Wed, Sep 26, 2018 at 04:07:33PM +0100, Joe wrote:
You're only moving the problem around. Some completely standard piece of
code *somewhere* has to know what is the right place to insert such a
rule. I'll give you an example: neither the beginning nor the end of my
INPUT chain is the right plac
On Wed, 26 Sep 2018 14:39:41 +0100
Jonathan Dowland wrote:
> On Mon, Sep 24, 2018 at 08:21:55PM +0100, Joe wrote:
> >And there you have the problem: it would be necessary for the
> >installation of certain packages (e.g. MTA) to automatically poke
> >holes in the firewall.
>
> We agree this fa
On Mon, Sep 24, 2018 at 03:27:51PM -0400, Henning Follmann wrote:
And there are also reasons not to install by default one. And this is
what the OP was about. The default is to not install listening
services a thus no need for a firewall.
You must have misread or misunderstood my message, becau
On Mon, Sep 24, 2018 at 08:21:55PM +0100, Joe wrote:
And there you have the problem: it would be necessary for the
installation of certain packages (e.g. MTA) to automatically poke holes
in the firewall.
We agree this far.
For this to be practical, a completely standardised
iptables architect
On Mon, Sep 24, 2018 at 07:39:59PM +0100, Jonathan Dowland wrote:
> On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > Run a netstat -t -l and you will see there is nothing listening. So
> > what is the point of running a firewall?
>
> There's plenty of reasons to run a firewall
On Mon, 24 Sep 2018 19:52:39 +0100
Jonathan Dowland wrote:
> On Sat, Sep 22, 2018 at 05:12:38AM -0400, Gene Heskett wrote:
> >Because you can set an ntp corrected machine as a broadcaster,
> >therefore reducing the load on the tier 2 servers such as debian
> >maintains by using their pool.debian.
On Sat, Sep 22, 2018 at 04:15:42PM -0400, Gene Heskett wrote:
But someone with the power to "make it so" hides behind the word
security, never deigning to explain it where the user public gets to
read it. There is something drastically wrong with that picture when we
don't get a choice, or a say
On Sat, Sep 22, 2018 at 05:12:38AM -0400, Gene Heskett wrote:
Because you can set an ntp corrected machine as a broadcaster, therefore
reducing the load on the tier 2 servers such as debian maintains by
using their pool.debian.org or the tier 1 servers at pool.ntp.org. That
way I have 7 machines
On Fri, Sep 21, 2018 at 01:09:35PM -0400, Dan Ritter wrote:
The basic reason is this: it makes sense.
Yours (and Roberto's) reasons are, I think, post-hoc rationalisations.
IMHO the real reason is nobody has successfully made the case and/or
implementation of a decent default firewall for Debi
On Fri, Sep 21, 2018 at 06:04:59PM -0400, songbird wrote:
whenever i install a new system i include ufw (a firewall
program) just to catch any funny stuff that might try to
come through.
Another vote for ufw from me. It's certainly easier for the simple
use-cases than raw iptables (and has som
On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
Run a netstat -t -l and you will see there is nothing listening. So
what is the point of running a firewall?
There's plenty of reasons to run a firewall even if you think you are
not running any services. You may be mistaken; a s
On Monday 24 September 2018 05:36:42 to...@tuxteam.de wrote:
> On Mon, Sep 24, 2018 at 04:52:21AM -0400, Gene Heskett wrote:
> > On Monday 24 September 2018 03:07:37 to...@tuxteam.de wrote:
>
> I fear my tales aren't half as exciting. Afer all, you have ~33%
> headstart on me :-)
>
True, but the l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Sep 24, 2018 at 04:52:21AM -0400, Gene Heskett wrote:
> On Monday 24 September 2018 03:07:37 to...@tuxteam.de wrote:
[...]
> And he said it with a straight face... LMAO. And remembering that
> still puts a grin on my face. I expect you, Tomas
On Monday 24 September 2018 03:07:37 to...@tuxteam.de wrote:
> On Sun, Sep 23, 2018 at 11:22:41PM -0400, Gene Heskett wrote:
Off topic...
> [...]
>
> > Naw, I load them by hand, no internet connection to my powder cache.
> > ;-)
>
> But hey, IoT, what could possibly go bang?
How about old meat
On Sun, Sep 23, 2018 at 11:22:41PM -0400, Gene Heskett wrote:
[...]
> Naw, I load them by hand, no internet connection to my powder cache. ;-)
But hey, IoT, what could possibly go bang?
> I plainly have too many hobbies. ;-)
Just combine them ;-)
Cheers
-- t
signature.asc
Description: Digi
On Sunday 23 September 2018 23:13:43 Richard Hector wrote:
> On 23/09/18 6:19 AM, Gene Heskett wrote:
> > the exception in my sig being the only forward in the dd-wrt rules
>
> Remote access to your ammo box? Yikes :-)
>
> Richard
Naw, I load them by hand, no internet connection to my powder cach
On 23/09/18 6:19 AM, Gene Heskett wrote:
> the exception in my sig being the only forward in the dd-wrt rules
Remote access to your ammo box? Yikes :-)
Richard
signature.asc
Description: OpenPGP digital signature
On Sun 23 Sep 2018 at 21:59:38 +0100, Joe wrote:
> On Sun, 23 Sep 2018 18:58:07 +0100
> Brian wrote:
>
> > On Sun 23 Sep 2018 at 00:05:58 +0100, mick crane wrote:
> >
> > > On 2018-09-21 18:29, Subhadip Ghosh wrote:
> > > Debian is a Universal OS.
> > > >
> > > > I wouldn't say whatever you
On Sun, 23 Sep 2018 18:58:07 +0100
Brian wrote:
> On Sun 23 Sep 2018 at 00:05:58 +0100, mick crane wrote:
>
> > On 2018-09-21 18:29, Subhadip Ghosh wrote:
> > Debian is a Universal OS.
> > >
> > > I wouldn't say whatever you said, doesn't make sense. I wish there
> > > were an easier way to
On Sun 23 Sep 2018 at 00:05:58 +0100, mick crane wrote:
> On 2018-09-21 18:29, Subhadip Ghosh wrote:
> Debian is a Universal OS.
> >
> > I wouldn't say whatever you said, doesn't make sense. I wish there
> > were an easier way to know about it when I started using the OS,
> > something to warn m
On Sat, 22 Sep 2018 17:07:59 +0200
Pascal Hambourg wrote:
> PPTP does require specific NAT support for the GRE protocol.
> Use case : two clients of the same PPTP server share the same public
> IP address.
It doesn't work, see below. And yes, I do know, it was a common
question on the MS Small
On 2018-09-21 18:29, Subhadip Ghosh wrote:
Debian is a Universal OS.
I wouldn't say whatever you said, doesn't make sense. I wish there
were an easier way to know about it when I started using the OS,
something to warn me that I need to configure the firewall to suit my
needs. Maybe because I c
Am Samstag, den 22.09.2018, 23:58 +0200 schrieb Pascal Hambourg:
> Le 22/09/2018 à 23:35, Simon Kengelbacher a écrit :
> > Am Samstag, den 22.09.2018, 22:36 +0200 schrieb to...@tuxteam.de:
> > > On Sat, Sep 22, 2018 at 04:15:42PM -0400, Gene Heskett wrote:
> > >
> > > > They have over the last two
Le 22/09/2018 à 23:35, Simon Kengelbacher a écrit :
Am Samstag, den 22.09.2018, 22:36 +0200 schrieb to...@tuxteam.de:
On Sat, Sep 22, 2018 at 04:15:42PM -0400, Gene Heskett wrote:
They have over the last two "upgrades" from wheezy to jessie and on
to
stretch, totally disabled any attempts to f
Le 22/09/2018 à 20:27, Dan Ritter a écrit :
On Sat, Sep 22, 2018 at 04:52:40PM +0200, Pascal Hambourg wrote:
It does not matter what you entire point was, and I do not expect you to
describe a complete firewall policy. *You* exposed a supposedly default
firewall policy which I happened to find
Am Samstag, den 22.09.2018, 22:36 +0200 schrieb to...@tuxteam.de:
> On Sat, Sep 22, 2018 at 04:15:42PM -0400, Gene Heskett wrote:
>
> [...]
>
> > They have over the last two "upgrades" from wheezy to jessie and on
> > to
> > stretch, totally disabled any attempts to forward x to another
> > mach
Le 22/09/2018 à 22:16, Stefan Monnier a écrit :
[...]
The benefit is that one cannot pinpoint the real attacker, of course.
Isn't the same benefit provided by just forging the source address ?
If all the routers in the path play along... but then, they are all
broken.
This condition must als
On Saturday 22 September 2018 16:36:15 to...@tuxteam.de wrote:
> On Sat, Sep 22, 2018 at 04:15:42PM -0400, Gene Heskett wrote:
>
> [...]
>
> > They have over the last two "upgrades" from wheezy to jessie and on
> > to stretch, totally disabled any attempts to forward x to another
> > machine,
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, Sep 22, 2018 at 04:15:42PM -0400, Gene Heskett wrote:
[...]
> They have over the last two "upgrades" from wheezy to jessie and on to
> stretch, totally disabled any attempts to forward x to another machine,
Just a tip: there's "ssh -X" or
> [...]
>> >The benefit is that one cannot pinpoint the real attacker, of course.
>> Isn't the same benefit provided by just forging the source address ?
> If all the routers in the path play along... but then, they are all
> broken.
There's also the fact that all those RST packets can come from a
On Saturday 22 September 2018 14:27:44 Dan Ritter wrote:
> On Sat, Sep 22, 2018 at 04:52:40PM +0200, Pascal Hambourg wrote:
> > Le 22/09/2018 à 13:31, Dan Ritter a écrit :
> > > On Sat, Sep 22, 2018 at 12:55:24PM +0200, Pascal Hambourg wrote:
> > > > I do not see how all this replies to my questio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, Sep 22, 2018 at 12:58:02PM +0200, Pascal Hambourg wrote:
> Le 22/09/2018 à 11:51, Reco a écrit :
[...]
> >The benefit is that one cannot pinpoint the real attacker, of course.
>
> Isn't the same benefit provided by just forging the source ad
On Sat, Sep 22, 2018 at 04:52:40PM +0200, Pascal Hambourg wrote:
> Le 22/09/2018 à 13:31, Dan Ritter a écrit :
> > On Sat, Sep 22, 2018 at 12:55:24PM +0200, Pascal Hambourg wrote:
> > > I do not see how all this replies to my question :
>
> This comment was intended to Gene Heskett.
>
> > > Why s
On Saturday 22 September 2018 10:52:40 Pascal Hambourg wrote:
> Le 22/09/2018 à 13:31, Dan Ritter a écrit :
> > On Sat, Sep 22, 2018 at 12:55:24PM +0200, Pascal Hambourg wrote:
> >> I do not see how all this replies to my question :
>
> This comment was intended to Gene Heskett.
>
> >> Why should
Le 22/09/2018 à 13:11, Joe a écrit :
On Sat, 22 Sep 2018 10:38:52 +0200
Pascal Hambourg wrote:
Le 22/09/2018 à 09:39, Joe a écrit :
Two layers of NAT work just fine, for anything but IPSec.
1) Even one single layer of NAT can cause trouble with other
applications that IPSec : FTP, SIP...
Le 22/09/2018 à 13:31, Dan Ritter a écrit :
On Sat, Sep 22, 2018 at 12:55:24PM +0200, Pascal Hambourg wrote:
I do not see how all this replies to my question :
This comment was intended to Gene Heskett.
Why should only TCP inbound responses be allowed ? What about UDP-based
protocols, ping r
Le 22/09/2018 à 15:39, Dan Purgert a écrit :
Pascal Hambourg wrote:
Le 21/09/2018 à 19:09, Dan Ritter a écrit :
Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:
- outbound: permit
- forward: deny
- inbound: accept NTP, DHCP, DNS, and any TCP p
Pascal Hambourg wrote:
> Le 21/09/2018 à 19:09, Dan Ritter a écrit :
>>
>> Let's suppose Debian installs a basic firewall by default. How
>> basic? Let's say:
>>
>> - outbound: permit
>> - forward: deny
>> - inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
>>re
Reco wrote:
> Hi.
>
> On Fri, Sep 21, 2018 at 09:59:40PM -, Dan Purgert wrote:
>> Reco wrote:
>> [...]
>> >> So this is why a wise guy buys an industrial pc for 200 US or wrt capable
>> >> router for 20-30 US installs linux and makes a good firewall then puts it
>> >> between ISP and his
On Sat, Sep 22, 2018 at 12:55:24PM +0200, Pascal Hambourg wrote:
> I do not see how all this replies to my question :
>
> Why should only TCP inbound responses be allowed ? What about UDP-based
> protocols, ping replies (ICMP echo reply), ICMP error messages, and so on ?
Given that my entire poin
Hi.
On Sat, Sep 22, 2018 at 12:58:02PM +0200, Pascal Hambourg wrote:
> Le 22/09/2018 à 11:51, Reco a écrit :
> >
> > On Sat, Sep 22, 2018 at 09:46:35AM +0200, Pascal Hambourg wrote:
> > > Le 21/09/2018 à 20:32, Reco a écrit :
> > > >
> > > > Evil person makes a TCP connection to unprotec
On Sat, 22 Sep 2018 10:38:52 +0200
Pascal Hambourg wrote:
> Le 22/09/2018 à 09:39, Joe a écrit :
> >
> > Two layers of NAT work just fine, for anything but IPSec.
>
> 1) Even one single layer of NAT can cause trouble with other
> applications that IPSec : FTP, SIP...
>
Yes, but one can reas
Le 22/09/2018 à 12:05, Henning Follmann a écrit :
If you send a TCP package to a computer not listening it will send a ICMP
error back.
No, standard behaviour is to send a TCP RST back.
An ICMP error may be sent back for other protocols such as UDP.
Le 22/09/2018 à 11:51, Reco a écrit :
On Sat, Sep 22, 2018 at 09:46:35AM +0200, Pascal Hambourg wrote:
Le 21/09/2018 à 20:32, Reco a écrit :
Evil person makes a TCP connection to unprotected host, but forges
source IP. Host sends TCP RST to this forged IP, host acting as a
'reflector' to an a
Le 22/09/2018 à 11:12, Gene Heskett a écrit :
On Saturday 22 September 2018 03:34:45 Pascal Hambourg wrote:
Le 21/09/2018 à 19:09, Dan Ritter a écrit :
Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:
- outbound: permit
- forward: deny
- inbou
Hi.
On Sat, Sep 22, 2018 at 06:05:01AM -0400, Henning Follmann wrote:
> On Fri, Sep 21, 2018 at 09:32:45PM +0300, Reco wrote:
> > Hi.
> >
> > On Fri, Sep 21, 2018 at 07:14:03PM +0100, Brian wrote:
> > > On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:
> > >
> > > > Hi.
> > >
On Fri, Sep 21, 2018 at 09:32:45PM +0300, Reco wrote:
> Hi.
>
> On Fri, Sep 21, 2018 at 07:14:03PM +0100, Brian wrote:
> > On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:
> >
> > > Hi.
> > >
> > > On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > > > On Fri, Sep 21,
Hi.
On Sat, Sep 22, 2018 at 09:46:35AM +0200, Pascal Hambourg wrote:
> Le 21/09/2018 à 20:32, Reco a écrit :
> >
> > Evil person makes a TCP connection to unprotected host, but forges
> > source IP. Host sends TCP RST to this forged IP, host acting as a
> > 'reflector' to an attack. And b
On Saturday 22 September 2018 03:34:45 Pascal Hambourg wrote:
> Le 21/09/2018 à 19:09, Dan Ritter a écrit :
> > Let's suppose Debian installs a basic firewall by default. How
> > basic? Let's say:
> >
> > - outbound: permit
> > - forward: deny
> > - inbound: accept NTP, DHCP, DNS, a
Le 22/09/2018 à 09:39, Joe a écrit :
Two layers of NAT work just fine, for anything but IPSec.
1) Even one single layer of NAT can cause trouble with other
applications that IPSec : FTP, SIP...
2) IPSec works through NAT, provided that you enable UDP encapsulation
aka NAT-T.
Le 21/09/2018 à 20:32, Reco a écrit :
Evil person makes a TCP connection to unprotected host, but forges
source IP. Host sends TCP RST to this forged IP, host acting as a
'reflector' to an attack. And being a bad netizen at the same time.
Evil person takes as many of such hosts as possible - an
On Fri, 21 Sep 2018 18:04:59 -0400
songbird wrote:
> Subhadip Ghosh wrote:
> > Hi,
> >
> > I am using Debian and the recently I learned that a standard Debian
> > installation allows all 3 types of traffics especially incoming by
> > default. I know I can easily use iptables to tighten the rule
Le 21/09/2018 à 19:09, Dan Ritter a écrit :
Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:
- outbound: permit
- forward: deny
- inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
response to an outbound packet
Why should unsol
Hi.
On Fri, Sep 21, 2018 at 09:59:40PM -, Dan Purgert wrote:
> Reco wrote:
> > Hi.
> >
> > On Fri, Sep 21, 2018 at 11:18:36PM +0200, deloptes wrote:
> >> Reco wrote:
> >>
> >> > So, in this regard Debian is imperfect, but at least they give you right
> >> > tools to solve the prob
Subhadip Ghosh wrote:
> Hi,
>
> I am using Debian and the recently I learned that a standard Debian
> installation allows all 3 types of traffics especially incoming by
> default. I know I can easily use iptables to tighten the rules but I
> wanted to know the reasons behind the choice of this d
Reco wrote:
> Hi.
>
> On Fri, Sep 21, 2018 at 11:18:36PM +0200, deloptes wrote:
>> Reco wrote:
>>
>> > So, in this regard Debian is imperfect, but at least they give you right
>> > tools to solve the problem (iptables suite), and do not force braindead
>> > firewall policies by default (like
Hi.
On Fri, Sep 21, 2018 at 11:18:36PM +0200, deloptes wrote:
> Reco wrote:
>
> > So, in this regard Debian is imperfect, but at least they give you right
> > tools to solve the problem (iptables suite), and do not force braindead
> > firewall policies by default (like RHEL does).
>
> So
Reco wrote:
> So, in this regard Debian is imperfect, but at least they give you right
> tools to solve the problem (iptables suite), and do not force braindead
> firewall policies by default (like RHEL does).
So this is why a wise guy buys an industrial pc for 200 US or wrt capable
router for 20
On Fri 21 Sep 2018 at 22:59:57 (+0530), Subhadip Ghosh wrote:
>
> Hi Dan,
> > The basic reason is this: it makes sense.
> >
> > Let's suppose Debian installs a basic firewall by default. How
> > basic? Let's say:
> >
> > - outbound: permit
> > - forward: deny
> > - inbound: accept
On Fri 21 Sep 2018 at 23:37:11 +0530, Subhadip Ghosh wrote:
>
> > You mean the Windows warning "Your system is not protected"?
> >
> > How mature shouldone be to know what it means to use the internet?
> >
> > Where this message should come from?
> The last thing I want is a Windows like warnin
On Fri 21 Sep 2018 at 21:32:45 +0300, Reco wrote:
> Hi.
>
> On Fri, Sep 21, 2018 at 07:14:03PM +0100, Brian wrote:
> > On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:
> >
> > > Hi.
> > >
> > > On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > > > On Fri, Sep 21, 20
Hi.
On Fri, Sep 21, 2018 at 07:14:03PM +0100, Brian wrote:
> On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:
>
> > Hi.
> >
> > On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > > Hi,
> > > >
On Fri 21 Sep 2018 at 19:25:22 +0300, Reco wrote:
> Hi.
>
> On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > Hi,
> > >
> > > I am using Debian and the recently I learned that a standard Debian
> > >
You mean the Windows warning "Your system is not protected"?
How mature shouldone be to know what it means to use the internet?
Where this message should come from?
The last thing I want is a Windows like warning. I expected more like a
line in the Installation manual warning about the defau
Subhadip Ghosh wrote:
> something to
> warn me that I need to configure the firewall to suit my needs.
You mean the Windows warning "Your system is not protected"?
How mature shouldone be to know what it means to use the internet?
Where this message should come from?
Imagine I install 450MB de
On Friday, September 21, 2018 08:55:21 AM Henning Follmann wrote:
> Run a netstat -t -l and you will see there is nothing listening. So what is
> the point of running a firewall?
I'm not the OP, but I decided to play along and run:
root@s19:~# netstat -t -l
Active Internet connections (only serv
Hi Roberto,
Blocking incoming and forwarded traffic would probably not be surprising
to many people. However, blocking outgoint traffic would be exceedingly
confusing to many people.
Yep. Totally agreed.
https://www.debian.org/doc/manuals/debian-handbook/security.en.html
Thanks.
While there
Hi Dan,
The basic reason is this: it makes sense.
Let's suppose Debian installs a basic firewall by default. How
basic? Let's say:
- outbound: permit
- forward: deny
- inbound: accept NTP, DHCP, DNS, and any TCP packet which is a
response to an outbound packet
Now, what
Hi Pablo,
On 21/09/18 9:50 PM, Pablo Álvarez Córdoba wrote:
I do not know, but:
- By default there are no services listening (except in 127.0.0.1)
- A server is usually behind a router/firewall
- It is better that each user configure their system as they want,
instead of having default values.
On Fri, Sep 21, 2018 at 09:02:26AM +0530, Subhadip Ghosh wrote:
> Hi Roberto,
>
> On Friday 21 September 2018 08:51 AM, Roberto C. Sánchez wrote:
> > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > Hi,
> > >
> > > I am using Debian and the recently I learned that a standard
Hi.
On Fri, Sep 21, 2018 at 08:55:21AM -0400, Henning Follmann wrote:
> On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > Hi,
> >
> > I am using Debian and the recently I learned that a standard Debian
> > installation allows all 3 types of traffics especially incoming b
I do not know, but:
\- By default there are no services listening (except in 127.0.0.1)
\- A server is usually behind a router/firewall
\- It is better that each user configure their system as they want, instead of
having default values. Although it would be nice if the installer warns you
that
On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> Hi,
>
> I am using Debian and the recently I learned that a standard Debian
> installation allows all 3 types of traffics especially incoming by default.
> I know I can easily use iptables to tighten the rules but I wanted to know
>
Roberto C. Sánchez wrote:
> I suspect that the vast majority of people deploying systems are doing
> so behind some sort of device that provides border security to the local
> network (e.g., router/firewall/NAT/etc.). So, if the default threat
> model is "a relatively trusted network with adequat
On Fri, Sep 21, 2018 at 09:02:26AM +0530, Subhadip Ghosh wrote:
> Hi Roberto,
>
> On Friday 21 September 2018 08:51 AM, Roberto C. Sánchez wrote:
> > On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> > > Hi,
> > >
> > > I am using Debian and the recently I learned that a standard
Hi Roberto,
On Friday 21 September 2018 08:51 AM, Roberto C. Sánchez wrote:
On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
Hi,
I am using Debian and the recently I learned that a standard Debian
installation allows all 3 types of traffics especially incoming by default.
What
On Fri, Sep 21, 2018 at 08:34:50AM +0530, Subhadip Ghosh wrote:
> Hi,
>
> I am using Debian and the recently I learned that a standard Debian
> installation allows all 3 types of traffics especially incoming by default.
What do you mean by "all 3 types of traffics"?
> I know I can easily use ipt
78 matches
Mail list logo