Re: ridiculous situation

[Devdas Bhagat <devdas () dvb homelinux org>]

On 29/11/02 11:33 -0700, Glenn Valenta wrote:
> Also, some people feel that a firewall is unnecessary if you don't run any 
> services that are vulnerable to attack. The problem with this philosophy is 
> when someone eventually breaks one of those services.
A firewall is a useful tool as part of a security infrastructure. The
problem is, no non-application layer firewall will work to protect a
vulnerable system from attacks. The only true defense is to run secure
code and stay patched, and alert. Read the logs. A packet filter can
reduce a lot of noise, but really doesn't add much security unless you
are running a DMZ and an internal network which should not have any
access to/from the Internet.

Devdas Bhagat