Re: [K12OSN] port blocking

Subject:	Re: [K12OSN] port blocking
From:	Nils Breunese
Date:	Fri, 11 Apr 2008 09:12:36 +0200

James P. Kinney III wrote:

On Thu, 2008-04-10 at 08:57 +0200, Nils Breunese wrote:

James P. Kinney III wrote:

1. Remove the NIC from the windows machines will stop the problem.
(isn't w2k EOL'ed now? No more security fixes?)


K12LTSP5 has reached EOL as well.


True. But it at least _started_ from a sound security footing :)

Actually, as long as a K12LTSP5 server does NOT have a directly
connected outward facing NIC, it is possible to use it's built in

firewall (iptables) to create a very secure system. The securityrisk is

from the client facing side anyway. The only real danger is user
elevation to root security holes. There is no reason to run other
outward facing services on a K12LTSP server other than ssh.

I hear people are running webservers with Moodle and stuff like thaton K12LTSP all the time. Of course there are reasons to run otheroutward facing services. Yeah, you could also run stuff like that onanother box, but maybe you don't have one.


Nils Breunese.

_______________________________________________
K12OSN mailing list
K12OSN@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

<Prev in Thread]	Current Thread	[Next in Thread>
[K12OSN] port blocking, Jim Anderson Re: [K12OSN] port blocking, "Terrell Prudé Jr." Re: [K12OSN] port blocking, James P. Kinney III Re: [K12OSN] port blocking, Nils Breunese Re: [K12OSN] port blocking, James P. Kinney III Re: [K12OSN] port blocking, Nils Breunese <= Re: [K12OSN] port blocking, "Terrell Prudé Jr."

Previous by Date:	Re: [K12OSN] port blocking, James P. Kinney III
Next by Date:	Re: [K12OSN] port blocking, "Terrell Prudé Jr."
Previous by Thread:	Re: [K12OSN] port blocking, James P. Kinney III
Next by Thread:	Re: [K12OSN] port blocking, "Terrell Prudé Jr."
Indexes:	[Date] [Thread] [Top] [All Lists]