Security Basics mailing list archives
RE: win2k firewall
From: H C <keydet89 () yahoo com>
Date: Tue, 7 Jan 2003 06:53:29 -0800 (PST)
A good firewall gives you more functionality than mere port-blocking. A good firewall protects you against DoS attacks which, for one reason or another, the O/S of your choice may not (I'm no Win2k expert, but since when have Microsoft ever got issues like 'security' and 'robustness' even 90% right?).
MS bashing really doesn't do a lot to support your argument, particularly when you state that you're really not up on 2K). Keeping the system patched and updated, as well as applying a couple of well-documented Registry tweaks, will do a lot to protect you. In fact, I'd like to hear what DoS attacks you're talking about. What specific DoS attacks are out there that target the Win2K IP stack?
A good firewall records logfiles of traffic in and out of your box - so that even if your box is compromised in some fashion, you have redundancy in your logs.
Agreed. Other avenues include running snort (free, runs on Win2k, etc).
Firewalls aren't just to protect you against the wilderness of the Internet. They're also a great way to protect yourself against badness happening inside your own company, and a great way of generally keeping an eye on things - though, as stated, probably not the best idea to run your firewall on a production web
server. Will I fully agree, I would like to add a caveat. This is true, as long as the systems are monitored. I see too many systems, every day, that are set up and left to run, w/o an monitoring. __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Current thread:
- RE: win2k firewall, (continued)
- RE: win2k firewall H C (Jan 08)
- RE: win2k firewall Daniel R. Miessler (Jan 08)
- RE: win2k firewall H C (Jan 08)
- RE: win2k firewall Daniel R. Miessler (Jan 08)
- RE: win2k firewall Jimmy Sansi (Jan 09)
- RE: win2k firewall Jason Dixon (Jan 11)
- RE: win2k firewall David Gillett (Jan 13)
- RE: win2k firewall Richard H. Cotterell (Jan 21)