Le 03/08/2011 09:55, Johannes Meixner a écrit :
And opening a daemon's port makes the firewall useless for this daemon and you must rely on that this daemon has no bugs.
yes
If childs are installing trojans or when guests connect cracked computers in your trusted network, you are doomed.
that's a reason to have a firewall in every computer :-)
Therefore you must separate your trusted network from the rest of your network and no longer let such childs and guests in your trusted network.
this is not always (often) possible. We have to share the printer, for example, to come back to the thread object. It's also why I prefere to have a network printer than a printer connected to my own computer (that would need me to open my computer to others). But it's a risk more easily managed. As I said, I don't have so many guests, and childs computers are not always up. by the way is there any SuSEfirewall2 log analizer that could help know is some attacks are made and what kind. the logs themselve are pretty intimidating - and hard to find on my desktop. could it be possible to have a log dispatcher and log reader in the YaST firewall module (may be open an other discussion?) thanks jdd -- http://www.dodin.net http://www.youtube.com/user/jdddodinorg http://jdd.blip.tv/ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org