Security Basics mailing list archives
re: win2k firewall
From: Theo Spears <postmaster () terrarium f9 co uk>
Date: 07 Jan 2003 22:35:31 +0000
Hello All Firstly I'd agree with everyone else that a software firewall is definitely not a replacement for a separate box. An old machine with a pair of network cards and linux/FreeBSD can go a long way towards more network peace of mind. Secondly I'd also agree turning off all unneeded services is a good idea. Not only because these services may allow an attacker to gain access to the machine, but also because they are likely to give away information about the system the machine is running. There is (generally) no disadvantage to disabling them, so why not do so? That does not however mean a software firewall is entirely useless. If your attacker gets root/admin access then it is completely useless, however if they only manage to gain normal user access then it can make their life harder. The important thing with firewalls on servers is as important as filtering what goes into them is filtering what is allowed to come out. Theo Spears
Current thread:
- RE: win2k firewall, (continued)
- RE: win2k firewall Daniel R. Miessler (Jan 07)
- RE: win2k firewall josh (Jan 08)
- RE: win2k firewall Daniel R. Miessler (Jan 08)
- RE: win2k firewall H C (Jan 08)
- RE: win2k firewall Daniel R. Miessler (Jan 08)
- RE: win2k firewall H C (Jan 08)
- RE: win2k firewall Daniel R. Miessler (Jan 08)
- RE: win2k firewall Jimmy Sansi (Jan 09)
- RE: win2k firewall Daniel R. Miessler (Jan 07)
- RE: win2k firewall Jason Dixon (Jan 11)
- RE: win2k firewall David Gillett (Jan 13)
- RE: win2k firewall Richard H. Cotterell (Jan 21)