RE: win2k firewall

[H C <keydet89 () yahoo com>]

> A good firewall gives you more functionality than
> mere port-blocking. A good
> firewall protects you against DoS attacks which, for
> one reason or another,
> the O/S of your choice may not (I'm no Win2k expert,
> but since when have
> Microsoft ever got issues like 'security' and
> 'robustness' even 90% right?).

MS bashing really doesn't do a lot to support your
argument, particularly when you state that you're
really not up on 2K).  Keeping the system patched and
updated, as well as applying a couple of
well-documented Registry tweaks, will do a lot to
protect you.

In fact, I'd like to hear what DoS attacks you're
talking about.  What specific DoS attacks are out
there that target the Win2K IP stack?

> A good firewall records logfiles of traffic in and
> out of your box - so that
> even if your box is compromised in some fashion, you
> have redundancy in your logs.

Agreed.  Other avenues include running snort (free,
runs on Win2k, etc).

> Firewalls aren't just to protect you against the
> wilderness of the Internet.
> They're also a great way to protect yourself against
> badness happening
> inside your own company, and a great way of
> generally keeping an eye on
> things - though, as stated, probably not the best
> idea to run your firewall on a production web
server.

Will I fully agree, I would like to add a caveat. 
This is true, as long as the systems are monitored.  I
see too many systems, every day, that are set up and
left to run, w/o an monitoring.  



__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com