@12:25 Hello, I am looking for clarification at the above timestamp. Why is Whitelisting less desirable to Blacklisting? Assuming the Security Team knew what they were doing, wouldn't it be more desirable to 'Deny All' except for what you specifically permit? As I understand it, in the context of ACLs; Whitelisting == Deny all, except explicitly Permitted ACEs Blacklisting == Permit all, except explicitly Denied ACEs
Hi, Yes I agree generally a whitelist is preferred to a blacklist. However in the use case of public systems such as websites etc, you would need to utilise a blacklist not a whitelist as it would require you whitelisting the entire internet either way.
You basically hacked into os by changing ip forwarding option globally. I am not sure but I believe forwading between zone are possible with firewalld policies. I appreciate if you look into it and make a video if possible.
Very good explanation, now it's all clear to me.
you get asked in rhcsa to open gui and do all these stuff? isn't it all via terminal?
Thanks!
@12:25
Hello,
I am looking for clarification at the above timestamp.
Why is Whitelisting less desirable to Blacklisting?
Assuming the Security Team knew what they were doing, wouldn't it be more desirable to 'Deny All' except for what you specifically permit?
As I understand it, in the context of ACLs;
Whitelisting == Deny all, except explicitly Permitted ACEs
Blacklisting == Permit all, except explicitly Denied ACEs
Hi,
Yes I agree generally a whitelist is preferred to a blacklist. However in the use case of public systems such as websites etc, you would need to utilise a blacklist not a whitelist as it would require you whitelisting the entire internet either way.
@@compsecgadgets
Thanks for the clarify! ^.^
Awesome. are we allowed to use the GUI in the exam?
Yes you can! :)
You basically hacked into os by changing ip forwarding option globally. I am not sure but I believe forwading between zone are possible with firewalld policies. I appreciate if you look into it and make a video if possible.