Re: firewall

On 04 Jul 2012, Brad Alexander wrote:

On Wed, 2012-07-04 at 11:19 +0800, lina wrote:
Hi, I don't know which firewall (http://wiki.debian.org/Firewalls) I should choose. Thanks in advance for any recommendation, and it will be very nice if you tell me why you recommend this one.
To answer drily: Test them and report what firewall does protect you the best against no attacks. Linux for home usage was safe, is safe, will be safe. Yes, it's safe regarding to things I criticize. I don't criticize protection per se, I only worry about toooo much security for nothing.
I disagree. It's about defense in depth. Because what happens if you get a piece of bad software that opens a vulnerability? And yes, that could happen to a home Linux user as easily as a corporate one, since they are using the same update mechanisms. In fact, I would posit that a home user could be at *more* risk, since, in theory, a corporate user would be limited in the amount and types of software installed... Corporate server vs home workstation.
I have a home network. A few years ago I was attacked and the ownership
of some files was changed. I restored them to normal and it happened
again, so I reinstalled. Since then I've been using shorewall and there
have been no further intrusions.


Your problem is not a firewall problem. A firewall doesn't mean IPS/IDS or L7 filter. Also, a firewall must be a netfilter, NAT, routing, etc.

Inbound or outbound network traffic and packets are permitted, blocked/rejected, or port-forwarded by the firewall.

If there is a vulnerability in your OS or apps, you must use an IPS/IDS, an L7 filter, or a UTM (netfilter + IPS + any stuff...)

