Please enable firewalls by default on Linux distributions

From: Erik Aronesty (erik@zoneedit.com)
Date: 03/08/03

• Next message: Matt Gauthier: "Re: fully overwriting partition"
• Previous message: Wendell Smith: "iptables - unclean?"
• Next in thread: John SMith: "Re: Please enable firewalls by default on Linux distributions"
• Reply: John SMith: "Re: Please enable firewalls by default on Linux distributions"
• Reply: Kasper Dupont: "Re: Please enable firewalls by default on Linux distributions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: erik@zoneedit.com (Erik Aronesty)
Date: 7 Mar 2003 15:46:52 -0800

DDOS attacks are on the rise.

Most distributions of Linux ship with powerful firewalls that are
completely turned off when you install them, allowing the systems to
be easily used as staging areas for DDOS attacks.

Nearly every other piece of network software in the world has "default
settings" that contain restrictions on usage, except our most
important ones. For example: email servers come with rate filtering
defaults and are closed to relaying by default.

Router vendors should be selling products that are "default
restrictive", unless you are an advanced user who knows how to unlock
more powerful features - not the other way around.

Rather than begging 200 million clueless users to reconfigure their
OS'es and routers after installing them, we should simply call
attention to the security vulnerabilities inherent in the default
settings of the software.

Filters that are within the capabilities of the O/S and are reasonable
defaults for a majority of the users should be enabled by default.

At some point, failure to do this could even be seen as negligent on
the part of the vendors.

At the very least, egress filtering, syn flood prevention, basic port
filters should be enabled by default.

Any thoughts on how to get the consumer router vendors to do this?

---

• Next message: Matt Gauthier: "Re: fully overwriting partition"
• Previous message: Wendell Smith: "iptables - unclean?"
• Next in thread: John SMith: "Re: Please enable firewalls by default on Linux distributions"
• Reply: John SMith: "Re: Please enable firewalls by default on Linux distributions"
• Reply: Kasper Dupont: "Re: Please enable firewalls by default on Linux distributions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: [Full-Disclosure] viruses being sent to this list ... but the list owners have been pretty ... adamant that they will not install any kind of filtering on the list at ... (Full-Disclosure) Re: Notifying user of open Internet access ... Again, most residential/personal internet ... > services do not permit users running services that provide anonymous ... If you'd install filters against every possible ... Email filtering to filter out viruses. ... (alt.computer.security) Re: proxy server ... > I want to install a proxy server to manage these features: ... I installed squid proxy with dansguardian content filtering for a school ... To unsubscribe, ... (freebsd-questions) Re: How do I get rid of this annoying site ... >> programs on your PC than normal programs. ... > types of filtering.) ... I don't suggest they install anything ... I am suggesting they INSTALL 4 ... (microsoft.public.windowsxp.help_and_support) Re: NexusDB? ... I thought maybe the problem is with some IP filtering because of DDOS attacks, but looking at the 3 IP addresses currently involved, it looks more like a general AT&T problem: ... I doubt there were DDOS attacks from all three regions, but all are comming from AT&T, so ... ... I'd say you should nag on AT&T until they sort the problem out. ... Danijel ... (borland.public.delphi.thirdpartytools.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)