Security Basics mailing list archives

Re: Personal Firewall for Business use


From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 31 Oct 2003 11:32:36 +0100

On 2003-10-31 Kent James wrote:

>> And I still fail to see why one would want to use a PF on a server.
>
> I can give you a personal example, maybe trivial but real. Most of the
> time I live outside of the US, but my family network in the USA runs,
> unattended, on Windows 2000 server with a full-time modem connection
> to an ISP. An old version of Tiny Personal Firewall runs on that
> server, and successfully protected it from the MS Blaster worm that
> hit while I was out of the country.

Why not use a packet-filtering NAT box instead? You are right, that
host-based packet-filtering makes sense in some cases, but even in the
case you described I (personally) would prefer to have the packet filter
on a separate box.

> I don't use any of the personal firewall features such as application
> checking, just simple blocking of incoming connections that I have
> configured directly. So maybe you are correct that there is no reason
> to run a "personal firewall" on a server, but this particular
> "personal firewall product" had some value to me on a server, mainly
> because it was free and available.

I was mainly objecting to the assumption that software is able to block
outgoing connection attempts of trojan horses.

> The other nice thing about running TPF is that it has a screen that shows
> all of the IP connections, and the traffic on them.

netstat exists.

Regards
Ansgar Wiechers
