-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2009-05-06 at 21:11 -0700, Prasun Dhara wrote:
But Just imagine a situation: --> one person(Not an expert in Linux security) installed linux in his laptop for his personal use --> For security reason he kept all his port closed in internal and external interface.(by default in open suse all ports are closed in external interface) [Yes its a very good security policy]
-->Now he wants to listen a song.so he needs to run a player(say kaffaine or VLC or amarok etc)These players also needs some open port.So when ever he tries to run the application request is silently drops.
I can't imagine a reason why a player would need to open a listening port to internet. Why? Not even if you have to download the music at that instant, like from an online radio, would any action be needed to open a port on the firewall, that's automatic (the connection is initiated from inside, not outside). There is no port on the outside waiting for a connection, the player is not a server but a client.
--->Now he wants to chat/voice chat with some one using a VOIP messenger. but since this program also needs an open port.He cant do voice chat.Even if all ports are open from internal interface no one from out side call him since all ports are closed in external interface.[In this situation do we expect to him to call a *SUPPORT* team and pay them? Isn't it rediculus to call a security support team to chat with some one ?? ]I
He would need to do a similar action on the internet router. If he knows how to prepare the router, he also knows how to prepare the internal firewall. Plus, that VoIp program would have to document this in detail. Not to forget that some apps, like Skype, do not need any action. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkoDXt4ACgkQtTMYHG2NR9VEyACfbVWra4LG4CE5Y48BDTGv2UI5 8ZsAnjQ/Z7CCp4AoQHfl5m0csAbU/csm =uemu -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org