Re: basic question about firewall usage
> > All I'm saying is that servers on the regular
> internal network,
> > secured by a serviceless firewall, are still
> better than externally
> > accessible services on the firewall itself. I
> hope you'll agree with
> > that.
> I still disagree.
Make that definitely disagree!
Remember a firewall does not need to be just one
machine. It can be modularize across several machines.
So in that case you are definitely wrong.
You are under the assumption. That the attacker is
going to break your firewall through the services
provided on it. But remember you have not gained
anything if the attacker breaks an internal host
instead. "Unless that internal host is in a protected
subnetwork. "dmz" Which is also know as the service
layer of a network-service-network firewall sandwich.
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.