|
|
|
|
|
|
by vegardx
4221 days ago
|
|
|
I was just using MySQL as a hypothetical example, as they listen on all interfaces by default with packages supplied by Oracle. Next time you're on a tech conference, do a scan on the local network. My point was that by his standard he would just let it listen on all interfaces because in his own word, nobody would find it. Which sounds very naive. |
|
|
I was arguing the whole "listen on all interfaces by default" is wrong - if one needs to expose the app, they should do so explicitly, and you did the same.