Re: Newie questions about security

To: debian-user@lists.debian.org
Subject: Re: Newie questions about security
From: Paul Johnson <baloo@ursine.ca>
Date: Thu, 01 Mar 2007 13:51:11 -0800
Message-id: <[🔎] ffujb4xejj.ln2@ursa-major.ursine.ca>
References: <1172669906.980186.288230@z35g2000cwz.googlegroups.com> <[🔎] ac8hb4xojr.ln2@ursa-major.ursine.ca> <[🔎] 20070301140525.GC31639@santiago.connexer.com>

Roberto C. Sanchez wrote:

> On Wed, Feb 28, 2007 at 01:21:46PM -0800, Paul Johnson wrote:
>> 
>> Firestarter and other Linux based firewalls are when you want to build a
>> firewall for your network.  You cannot build a firewall for just the
>> computer you want to firewall:  Firewalls, by nature, must be on
>> dedicated
>> hardware to work.  Thus, ZoneAlarm, Kerio, BlackICE, Windows Firewall,
>> etc, are guilty of false advertising at best, and gross misrepresentation
>> at worst.
> 
> This is false.  You can filter packets to/from *any* interface on any
> machine.  That is what makes a firewall.  Now, the physical distinction
> may be blurred, but the logical distinction is still there.

I meant more in general.  In Linux, while what I said doesn't apply, it's
still bad practice to expect your firewall to do more than firewall.  In
Windows (and probably other operating systems), there is no such logical
distinction made.

Reply to:

Follow-Ups:
- Re: Newie questions about security
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Newie questions about security
  - From: Celejar <celejar@gmail.com>

References:
- Re: Newie questions about security
  - From: Paul Johnson <baloo@ursine.ca>
- Re: Newie questions about security
  - From: "Roberto C. Sanchez" <roberto@connexer.com>

Prev by Date: Re: A Republican!!!!!! (was Re: OT: sponge burning!)
Next by Date: Re: How to best use the list?
Previous by thread: Re: Newie questions about security
Next by thread: Re: Newie questions about security
Index(es):
- Date
- Thread