Re: Debian secure by default?
Paul Johnson wrote:
I hate to say this, but the most threats are in fact internal.
Employees running amok. You have to defense against that in a a
On Saturday 24 May 2008 04:19:20 pm Todd A. Jacobs wrote:
On Sat, May 24, 2008 at 11:47:05AM -0700, Paul Johnson wrote:
I see no advantage to host-based firewalls that couldn't be better
served by a router doing filtering at the edge of the network.
There's no reason to expose machines directly to the internet.
Internal threats? A compromised host? Lazy sysadmins? Ignorant users?
How would your perimeter security help there?
You can't solve social problems with technological means effectively. Odds
are, if they're on your internal network and you consider them a security
threat, you have deeper security problems than can't be solved short of door
locks and ensuring nobody outside can get a connection.
Damon L. Chesser