Re: Firewalls


Subject: Re: Firewalls
From: Graham Leggett (minfrin@sharp.fm)
Date: Tue Aug 07 2001 - 00:13:41 MDT


"Paul J. Lucas" wrote:

> > Keep in mind though that some of these boxes are hopelessly insecure.
>
> Keep in mind that an improperly configured Linux box is
> insecure.

Makes no difference - a Linux box is likely to be secured by you, the
black-box firewall is likely secured by people with deadlines making it
as easy as possible for the lowest common denominator user. For a small
network, the black boxes are fine, but I woulndn't trust them for a
larger network.

> I turn off the "Allow external configuration" checkbox.
> Problem solved.

Security isn't a "checkbox". There are a whole miriad of creative ways
in which someone might sniff or hijack your connection.

Regards,
Graham

-- 
-----------------------------------------
minfrin@sharp.fm		"There's a moon
					over Bourbon Street
						tonight..."




This archive was generated by hypermail 2a24 : Tue Aug 07 2001 - 01:21:32 MDT