firewall limitations (was Re: my isp is being told *i* am broadcasting spam?)
On Thu, Apr 18, 2002 at 11:11:37PM -0700, David Smead wrote:
| The first mistake is running Windows.
True.
| The second mistake is not putting Windows machines all on their own
| subnet with a firewall between it and the `good' machines on the Linux
| subnet.
It makes no difference. The windows machine still gets hosed. The
only way to prevent that from happening is to
a) disconnect the windows machine
b) use a firewall that does the _same thing_
If your firewall is going to behave like a severed cable, you might as
well just sever the cable and make it easier on yourself.
| Aynone who can secure Windows itself with a firewall product has a ready
| and steady market!
Firewalls are a good thing to protect against private services and
services you didn't know were running, but they can't prevent you from
becoming an open relay (or anything else) for services you do allow.
Firewalls are a way of reducing network connectivity, ideally without
destroying it altogether. I'm not saying you shouldn't use a
firewall, just be aware of the limits of its capabilities.
-D
--
"...In the UNIX world, people tend to interpret `non-technical user' as
meaning someone who's only ever written one device driver."
--Daniel Pead
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: