nanog mailing list archives

Re: Port blocking last resort in fight against virus

From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Wed, 13 Aug 2003 09:57:56 +0100 (BST)



On Wed, 13 Aug 2003, Petri Helenius wrote:


Mans Nilsson wrote:

Subject: Re: Port blocking last resort in fight against virus Date: Tue, Aug 12, 2003 at 10:42:38PM -0400 Quoting 
Sean Donelan (sean () donelan com):

I think filters/firewalls are useful.  I believe every computer should
have one.  I have several.  I just disagree on who should control the
filters.


Bingo!

Firewalls are a patch to broken network application architechture. If your
applications would have been properly designed, you would not have the need
for firewalls. They are for perimeter defence only anyway.


Sorry I see where you're coming from on this but firewalls are more than just 
patches to broken OS's. 

In your world DoS traffic would be free to roam the networks as it pleased 
without being throttled sensibly at ingress?

Or the dumb [wannabee] IT guy runs some telnet/ftp/filesharing service without
passwords and its ok for the whole world to access the private system coz its
his fault?

Steve

Current thread:

Re: Port blocking last resort in fight against virus, (continued)
- - - Re: Port blocking last resort in fight against virus Robert Raszuk (Aug 13)
    - Re: Port blocking last resort in fight against virus Randy Bush (Aug 13)
    - Re: Port blocking last resort in fight against virus Robert Raszuk (Aug 13)
    - Re: Port blocking last resort in fight against virus John Kristoff (Aug 13)
    - Re: Port blocking last resort in fight against virus Mans Nilsson (Aug 13)
    - Re: Port blocking last resort in fight against virus Petri Helenius (Aug 13)
    - Re: Port blocking last resort in fight against virus Måns Nilsson (Aug 13)
    - Re: Port blocking last resort in fight against virus neal rauhauser 402-301-9555 (Aug 13)
    - Re: Port blocking last resort in fight against virus Jason Houx (Aug 13)
    - Message not available
    - firewall == network diaper, ranting in HTML neal rauhauser 402-301-9555 (Aug 14)
    - Re: Port blocking last resort in fight against virus Stephen J. Wilcox (Aug 13)
    - Re: Port blocking last resort in fight against virus Mans Nilsson (Aug 13)
    - Re: Port blocking last resort in fight against virus Stephen J. Wilcox (Aug 13)
    - Re: Port blocking last resort in fight against virus Mans Nilsson (Aug 13)
    - Re: Port blocking last resort in fight against virus Christopher L. Morrow (Aug 13)
    - Re: Port blocking last resort in fight against virus Jack Bates (Aug 13)
    - Re: Port blocking last resort in fight against virus Christopher L. Morrow (Aug 13)
    - Re: Port blocking last resort in fight against virus Petri Helenius (Aug 13)
    - Re: Port blocking last resort in fight against virus Niels Bakker (Aug 13)
    - Re: Port blocking last resort in fight against virus Christopher L. Morrow (Aug 13)
  - Re: Port blocking last resort in fight against virus Mans Nilsson (Aug 12)

(Thread continues...)