Re: hurd does NOT need /hurd
On Mon, May 20, 2002 at 01:25:31PM -0600, Joel Baker wrote:
> Rule #1: attackers cannot attack what they cannot reach. Firewalls are not
> perfect; they can be misconfigured, disabled, and in some cases (which do
> apply to Debian), machine-based firewalls can have bugs in the firewalling
> code which expose parts of the machine despite the firewall, or machines
> behind the firewall. But I'll take a 99% reduction in attack vectors any
> day of the week, thanks.
For a host based firewall, the firewall is certainly less effective than
simply not listening on any ports. You're right--attackers can't attack
what they cannot reach (in this case, what you're not running.)
--
Mike Stone
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: