Security Basics mailing list archives
Re: Personal Firewall for Business use
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 31 Oct 2003 11:32:36 +0100
On 2003-10-31 Kent James wrote:
And I still fail to see why one would want to use a PF on a server.I can give you a personal example, maybe trivial but real. Most of the time I live outside of the US, but my family network in the USA runs, unattended, on Windows 2000 server with a full-time modem connection to an ISP. An old version of Tiny Personal Firewall runs on that server, and successfully protected it from the MS Blaster worm that hit while I was out of the country.
Why not use a packet-filtering NAT box instead? You are right, that host-based packet-filtering makes sense in some cases, but even in the case you described I (personally) would prefer to have the packet filter on a separate box.
I don't use any of the personal firewall features such as application checking, just simple blocking of incoming connections that I have configured directly. So maybe you are correct that there is no reason to run a "personal firewall" on a server, but this particular "personal firewall product" had some value to me on a server, mainly because it was free and available.
I was mainly objecting to the assumption that software is able to block outgoing connection attempts of trojan horses.
The other nice thing about running TPF is that it has a screen that shows all of the IP connections, and the traffic on them.
netstat exists. Regards Ansgar Wiechers --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- RE: Personal Firewall for Business use Kent James (Nov 03)
- Re: Personal Firewall for Business use Ansgar -59cobalt- Wiechers (Nov 03)
- Re: Personal Firewall for Business use Kevin Saenz (Nov 04)
- RE: Personal Firewall for Business use Kent James (Nov 06)
- Re: Personal Firewall for Business use Ansgar -59cobalt- Wiechers (Nov 07)
- Re: Personal Firewall for Business use Kevin Saenz (Nov 04)
- Re: Personal Firewall for Business use Ansgar -59cobalt- Wiechers (Nov 03)
- <Possible follow-ups>
- Re: Personal Firewall for Business use 'Ansgar -59cobalt- Wiechers' (Nov 03)