[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: firewall

On Wed 04 Jul 2012 at 12:14:29 -0400, Brad Alexander wrote:

> On Wed, Jul 4, 2012 at 2:15 AM, Ralf Mardorf <ralf.mardorf@alice-dsl.net> wrote:
> >
> > To answer drily: Test them and report what firewall does protect you the
> > best against no attacks. Linux for home usage was safe, is safe, will be
> > safe. Yes, it's safe regarding to things I criticize. I don't criticize
> > protection per se, I only worry about toooo much security for nothing.
> I disagree. Its about defense in depth. Because what happens if you

A commonly used phrase - military in origin, I imagine. One day I must
investigate how a firewall can protect my mail server. Until then I will
just continue to accept connections from anywhere.

> get a piece of bad software that opens a vulnerability? And yes, that

I'd rather you were specific here about the sort of vulnerability in the
service you are thinking about but, talking in general and using Debian,
the fix would become available, you would download it and move on. No
problem, no fuss, no firewall needed.


> So a piece of bad software gets introduced into the repos. It could
> happen...And having a firewall in place (an external firewall would
> have the advantage of not being able to be turned off by said
> malware).

A firewall will not give protection from a software defect in a running
service. Not unless you lock the service down so much it becomes

Reply to: