Mailinglist Archive: opensuse-security (408 mails)
| < Previous | Next > |
RE: Fwd: Re: [suse-security] ipv6 insecure?
- From: "Reckhard, Tobias" <tobias.reckhard@xxxxxxxxxxx>
- Date: Tue, 23 Apr 2002 14:19:41 +0200
- Message-id: <96C102324EF9D411A49500306E06C8D1A56EE9@xxxxxxxxxxxxxxxxx>
> As the SuSE kernel and some SuSE server packages have IPv6 enabled by
> default, I want to be sure that my SuSEfirewall2 is protecting these
> running servers.
>
> What rules/chains should I look for? Do I need to add custom rules?
> (In my case I don't want to expose any of them to the dial-up
> interface. I use sshd over v6 on internal ethernet but only for
> convenience of configuration, I could switch to ipv4 if I need)
If you don't *need* a feature, security best practises say to turn it off,
better even remove it. Or don't install it in the first place.
Tobias
> default, I want to be sure that my SuSEfirewall2 is protecting these
> running servers.
>
> What rules/chains should I look for? Do I need to add custom rules?
> (In my case I don't want to expose any of them to the dial-up
> interface. I use sshd over v6 on internal ethernet but only for
> convenience of configuration, I could switch to ipv4 if I need)
If you don't *need* a feature, security best practises say to turn it off,
better even remove it. Or don't install it in the first place.
Tobias
| < Previous | Next > |