-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 jdd schreef:
M9. wrote:
In my config there are only trusted hosts... (in a windows case there are constantly hosts that are informed
informed?
spyware and datamining.. ;-) ( i know this is unknown to linux :-)
yes it has to let me know who is going out and going in, and i must be able to shut whatever port i like, in principle..
this is not a firewall but a proxy server.
no, in windows, a firewall can do that..
Usually, a firewall blocks all the ports. That means that no communication can be initiated from the exterior to the inside. If inside your computer you ask an application to go and search, this is allowed.
If some host wants to enter my pc, i want to know this,
what does this mean for you??
that my spyware-killers do not work.. (please do not forget my decade of windows use ;-)
all what an external program can do on your computer is read a port or write a port.
closing a port means only that this write is rejected (or simply ignored). In fact, if no application is listening (by reading this port), the write *is* ignored
If i give a password to a host, it can enter without noticing me, as long as i want to let the firewall exept the password.
this may be the windows way of life, but it's not Linux one.
indeed, some habits die hard ;-) if I do
"ssh <somecomputer>", my ssh will try to write to the ssh port of this computer. If, for example, it's a windows 98 with no firewall at all, but with no ssh server neither, nothing is going on and I cannot enter
to enter a computer you must have a server that allows this
A good firewall can handele this perfectly, with just one card.
nope. untrusted pc can attack a trusted one. This is like having all computers exposed to the exterior and youi have to protect all of them
my router is a firewall, and all PC's and laptops have one..
As i understand, only for the ports used by samba for the LAN?
well, the windows smb implementation seems to be programed in an evil way and don't use always the same ports, so one must let many ones open (that is may listen to these ports and answer to them) and this is unsecure.
use of samba server on suse fixes the permission problem.
Samba server i did not use before...
how did you grant access to your linux computer from windows then?
Sorry, it is the client and the server, i thought of an aplication like server-edition.. euh..errr..;-)
access must be done on the host:
* by a standard protocol (smb, ssh, ftp, http...) accepted by a server * by two applications sharing the same port
yes that is the procedures..
anyway, if you had a working config one day, and now it's no more working, there is to have been a change in between :-)
Offcourse there has to be a change to change something. In this case i did not change a thing. Why should i? It worked, and i never change something that does its job well.. again, that is why i call the firewall inconsistant.. If it is too much trouble to config it right, i shut it off, no big deal..(router is sufficient, and one pc can use DHZ ) - -- Have a nice day, M9. Now, is the only time that exists. OS: Linux 2.6.22.5-10-default x86_64 Huidige gebruiker: monkey9@tribal-sfn2 Systeem: openSUSE 10.3 (X86-64) Beta3 KDE: 3.5.7 "release 58" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFG7A1yX5/X5X6LpDgRAtrYAJ9qC4iLYY/VZVowNhuPxnx3oR+JMgCfdzEm splkrsqmms9PIUnSgYkXi+k= =dAU3 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org