Re: Firewalling

To: "Kevin" <cog@iwz.com>, <debian-isp@lists.debian.org>
Subject: Re: Firewalling
From: wagnerc@plebeian.com (Chris Wagner)
Date: Thu, 30 Mar 2000 00:11:17 -0500
Message-id: <20000330051123Z38867-15182+2573@mail.one.net>

I think firewalls are overrated.  They only do anything if there are some
*unsecured* computers on your network that need protection.  It's better to
just lock down every machine, that way you're also protected from internal
attacks.  Really, the only thing I think that justifies them is port
blocking.  Your router can already do ip based filtering.  Now how do you
decide what ports to block?  It turns out you have to be a little facist
about it.  Because you're deciding for other people what ports they "should"
be using and which ones they "shouldn't".  Windows is an operating system
that probably does need protection though.

At 08:31 PM 3/29/00 -0700, Kevin wrote:
>router, then to the servers.  I'm curious what kind of effect having a
>firewalled router will have on the dialup customers as well as certain
>servers like a shell provider.  Also what would I firewall from the router.
>I don't want to really restrict any ports for end dialup users as I've had

You can have your firewall restrict ports on a per ip basis.

+-------------------------------------------------------------------+
|        -=I T ' S  P R I N C I P L E  T H A T  C O U N T S=-       |
|=-                  -=ALAN KEYES FOR PRESIDENT=-                 -=|
| Balanced Budgets     Personal Freedoms     Morality     Lower Tax |
|=--                  http://www.Keyes2000.com.                  --=|
+???????????????????????????????????????????????????????????????????+

Reply to:

Prev by Date: Re: Firewalling
Next by Date: Re: Firewalling
Previous by thread: Re: Firewalling
Next by thread: Debian package of bigwig 1.2
Index(es):
- Date
- Thread