On 11/24/2009 9:46 AM, Rowan R. wrote:
this is a stupid question, am I required to install (SuSE 11.2) behind a firewall, or does yast initially block all ports incoming during install until SuSEfirewall2 has been config'ed ?
Be aware that if you do not have a service listening on a port it is "BLOCKED". It is a common (windows) misconception that a machine without a firewall is at sever risk. You can hook opensuse directly to the internet without fear, because nothing is listening in the default configuration which will accept connections from other than localhost. You can elect to start the firewall at boot time in yast as soon as the the interface is up, but before any other services are started. This way, when you add services such as samba, ftp, ssh, you will be able to restrict them with the firewall, independent of each service's configuration. If you only have one network card in a linux machine, there is very little need for a firewall, either software or hardware. It serves mostly as a back-up to protect against an absent minded administrator firing up something like Samba and forgetting to set the configuration to restrict access. The short answer to your question is No and Yes respectively. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org