-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-05-11 08:59, jdd wrote:
Le 11/05/2015 02:27, James Knott a écrit :
Does "internal" really apply to a single computer? There is only what's external to it, that is the rest of the lan and beyond that it has to be protected from.
think at the firewall as a door.
on a single computer, as on a house, the external is the door that opens to the network, the internal is the house, that is your computer.
Think rather of an apartment building. There is the door to the street, perhaps with a janitor. Then there are the doors to the apartments. Do you leave the apartment doors open, because you trust the janitor? Or do you use a good lock on your home, and check who calls using the peep hole?
there is a discussion about is it necessary to have a firewall even for unused ports, because any port is read at least a some level, else nothing will be transmitted to applications, but I have no idea on this.
Strictly speaking, a firewall is not needed if no port is listening. However, as you can not be sure of this, because tons of applications can open doors and you would have to check all and all users, it makes sense to have another layer. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlVQwTMACgkQja8UbcUWM1yoOAD9ERX1odQI/9tlnl5TvkBWADQP 6JPuSuwAHQU11lQsMUgA/1/9PhynkIisqXbV9WxNXlpCr5z3AkCQ9dqGqZq9Nz6h =tTzE -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org