Security Basics mailing list archives
win2k firewall
From: "Eric Griffin" <alakevue () tampabay rr com>
Date: Sun, 12 Jan 2003 10:35:39 -0500
While I agree wholeheartedly that hardening your server is the first step, it would be silly and futile to put all of your eggs in one basket. How many security flaws did M$ report on Win2k last year? After hardening and best practices have been applied, you need a product like BlackIce which may provide DAY ONE protection. Patches? Yes, apply them after they have been tested in your environment, but that leaves a window of opportunity for others. Apply untested patches and your system may be down for a while. BlackIce is a necessary tool to help fend off these holes. I have been using BlackIce for about 3 years and the product has gone from a good last line of defense to an unbelievably great product. Sure it has its flaws but not in the area of defense. Sure there have been a lot of old versions that were troublesome, but no other soft firewalls-IDS that I know of could compare (during the same time frame on a system with OPEN ports). No, it is not perfect yet, but as another line of defense on something as important as a web server or email server it is money well spent. Just my 2 cents worth. Ric Griffy
Current thread:
- RE: win2k firewall, (continued)
- RE: win2k firewall Mark S. Searle (Jan 06)
- RE: win2k firewall Paul Carroll (Jan 07)
- RE: win2k firewall H C (Jan 07)
- RE: win2k firewall Mark S. Searle (Jan 08)
- RE: win2k firewall Zimin, Alex (Jan 09)
- RE: win2k firewall Richard H. Cotterell (Jan 21)
- FW: win2k firewall Mahoney, Paul (Jan 09)
- RE: win2k firewall Zimin, Alex (Jan 11)
- Re: win2k firewall alexanderdelarge (Jan 11)
- RE: win2k firewall Mahoney, Paul (Jan 15)
- win2k firewall Eric Griffin (Jan 21)