The Ubuntu community has contributed 13850 ideas, 66216 comments, 1283827 votes
Idea
#2449: Advertise services with avahi (zeroconf) by default
|
| |
91
|
|
|
Written by andrearatto the 2 Mar 08 at 11:39.
Category: Internet & Networking.
Related to:
Nothing/Others.
Status: New
|
|
|
Description
What does this mean practically?
It means that if you connect two Ubuntu (other OSes may work too) computers they can e.g. share files via resources->network using sftp, ftp, samba... All with no configuration, just by plugging the cable.
How is it done?
When a new service is installed, also add the relative service file to avahi, so that it will appear on locally connected machines. Or alternatively have the service contact avahi via dbus when it starts.
Secondly add support in nautilus for _smb._tcp service type.
Avahi is already installed in Ubuntu.
Tags:
(none)
Attachments
No attachments.
Duplicates
Comments
|
probono wrote on the 2 Mar 08 at 12:12
| |
And check interoperability with Mac OS X, which also nicely integrates Zeroconf ("Bonjour").
|
|
peterjs wrote on the 2 Mar 08 at 20:48
| |
I can see the rational of setting up the services to advertise themselves given all the zeroconf integration there already is. But I think if you do that you'll need to add some VERY stern and imposing warnings that the services will be advertised, you will be proactively telling other people they exist, and inviting them to use the services/attack your system.
|
|
andrearatto wrote on the 29 Mar 08 at 09:14
|
If I want to know which services are active on another computer in a LAN, it takes me a couple of minutes even if Avahi is not installed. So any half skilled attacker does not care for avahi.
Security through obscurity does not work, especially when obscurity is almost daylight.
And since avahi is already installed, actually using it does not add new security concerns.
|
|
droetker wrote on the 1 Jul 08 at 19:21
|
@andrearatto: agreed.
Hiding something is a VERY bad security.
In fact, people feel more safe then and choose passwords like "hello123" or even better. That's security.
There are so many attempts to make systems safer, and the biggest holes are open.
And believe me, they are NOT avahi.
|
|
Auzy wrote on the 1 Jul 08 at 23:44
|
I agree with these these guys, security via obscuring the services is very poor security. Even with a firewall that drops packets, port scanning on an internal lan is very fast, because you KNOW that if the port is open, that a response should come within 50ms. So anyone can scan every computer on the network rapidly.
If you are concerned with security, you should vote for the stability and security centre. That would allow you to evaluate the services which are remotely available, so that you aren't running anything dangerous over the lan.
|
|
oss_test_launchpad wrote on the 22 Aug 08 at 13:34
| |
It's a shame that on Ubuntu you cannot just plug two computers using a twisted pair cable and copy your files.
|
|
andruk wrote on the 11 Sep 08 at 03:48
|
@oss_test_launchpad: I assume you mean with a crossover cable (aka: null-modem cable)? Because I don't think that connecting two computers with normal cat5e/cat6 is software problem. ;-)
Agreed.
+1
|
Post your comment
|
|
|
