Alain wrote ---------------------------
Le 11/11/2011 10:39, Bob Hoffman a écrit :
/ Ubuntu opened the virtual host to the entire lan, all ports, and added
/>/ forwarding to non existent />/ virtual bridge that had not been built yet. / This is simply false for Ubuntu Server. After first install, there is simply no single port opened, even 22, you need to install openssh for that. So there is no need for a firewall with the basic install. It is this philosophy that is not unsderstood by RHEL.CentOS users. You don't need a firewall when there are no ports opened.
The first release was even delayed because it remained one open port !
Meanwhile, you can access the Internet (it does not open ports on the external), and update your machine.
I am using Ubuntu Server for VMs, and I like this behavior. It is very light, and a fast installation. Then I install and open only the required services and ports, and control the ports that can reached from Internet with a site firewall.
Alain ------------------------- Well, I did the stock install as a virtual guest and was able to use port 22 to shell right into it even though that port was not specifically listed as opened in the firewall I posted. I was able to see all other ports open too. I just assumed it was setting up a lan/masquerade for my whole network as part of the dhcp. It was enough for me to uninstall it as a virtual host as it was beyond my skill to understand a proper response to an open firewall.