Re: other services on a firewall
Firewalls should be designed on top of good application configuration. Whether you
have hand tuned your software or not, there will always be bugs. Without a firewall
in place nothing will protect your system from being exploited. For example, suppose
you have a system without any form of firewall protection, packet filtering included,
this allows anyone to access your server directly. You said yourself "The program
is only as good as the programmer," if you had important information to protect would
you put it all in the hands of said programmer?
doug
>> > Just out of curiousity why would you limit a perfectly fine PC
>> > to just run a firewall? You should be able to add other services
>> > along with the firewalled machine and not freak out over security
>> > as bad as long as you set everything up properly.
>> >
>> > Isn't there an old saying, "The program is only as good as the
>> > programmer?" Couldn't that be applied in this case too?
>> >
>> > Personally I run a small local network that has access to the
>> > Internet via one of my Linux machines. This machine also
>> > has a web server, file server, and a FTP server on it too.
>> >
>> > I don't have to worry about security with any of these services
>> > running on the firewall machine because I set each up the way
>> > I needed them to be so that only the correct people get access.
>> > Granted this takes longer then just unpacking and installing the
>> > source of each, but it is well worth it and helps consolidate
>> > the expense of one machine per service.
>> >
>> > Personally I think that putting all your faith about these other
>> > services in one simple firewall is crazy, but that is only me.
>> >
>> > Just a humbled opinion...
>> >
>> > Ken
Reply to: