Re: Debian secure by default?

To: debian-user@lists.debian.org
Subject: Re: Debian secure by default?
From: "Todd A. Jacobs" <nospam@codegnome.org>
Date: Sat, 24 May 2008 16:19:20 -0700
Message-id: <[🔎] 20080524231920.GK21907@penguin.codegnome.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 200805241147.07588.baloo@ursine.ca>
References: <[🔎] 200805241147.07588.baloo@ursine.ca>

On Sat, May 24, 2008 at 11:47:05AM -0700, Paul Johnson wrote:

> I see no advantage to host-based firewalls that couldn't be better
> served by a router doing filtering at the edge of the network.
> There's no reason to expose machines directly to the internet.

Internal threats? A compromised host? Lazy sysadmins? Ignorant users?
How would your perimeter security help there?

To paraphrase Bruce Schneier, security is what you get when you
anticipate how things can *fail*, not how they are supposed to work
under optimal conditions.

Firewalls are useful for solving certain classes of problems. If they
don't solve *your* problems, that doesn't make them useless.

-- 
"Oh, look: rocks!"
	-- Doctor Who, "Destiny of the Daleks"

Reply to:

Follow-Ups:
- Re: Debian secure by default?
  - From: "Paul Johnson" <baloo@ursine.ca>

References:
- Re: Debian secure by default?
  - From: "Paul Johnson" <baloo@ursine.ca>

Prev by Date: Re: startx stopped working - xinit OK
Next by Date: Re: Debian secure by default?
Previous by thread: Re: Debian secure by default?
Next by thread: Re: Debian secure by default?
Index(es):
- Date
- Thread