Security Basics mailing list archives

Re: Reasons for using an external firewall


From: Paul Cardon <paul () moquijo com>
Date: Wed, 20 Nov 2002 09:59:30 -0500

John P wrote:
However in this setup, how much extra protection can an external firewall
give? The machines have to have open ports port-forwarded through any
firewall (80/25/etc) and I assume would remain exploitable to buffer
overflows, bug exploits etc. I could restrict access to the other open
system ports and services by turning them off, using ipchains/ipfilter and
hosts.deny etc. DoS situations would be difficult to protect against even
with an external firewall.

What extra security will an external firewall actually provide? I suppose
other nice features like VPN, etc, but what else? It's quite a busy site, so
could ipfilter generate quite a lot of load, which could be shifted onto a
dedicated firewall?

One benefit of an external firewall is to restrict outbound traffic. Some exploits attempt to make outbound connections, so having the control on a separate device will prevent these portions of the attack from working. If this control is implemented on the server itself, it could be circumvented when the server is compromised.

-paul
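An added illustration of the egress control described in the reply above (not code from this thread): a small model of an external firewall that forwards 80/25 to a server, lets the server's replies go back out, permits only the outbound services the server needs, and blocks and logs anything else the server tries to open. The server address, the allowed outbound ports and all traffic are constructed assumptions.

```python
from dataclasses import dataclass

SERVER = "192.0.2.10"         # constructed: the port-forwarded web/mail host
PUBLISHED = {80, 25}          # inbound services forwarded to the server
SERVER_OUTBOUND = {25, 53}    # what the server itself may open: mail relay, DNS

@dataclass(frozen=True)
class Flow:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str            # "in": Internet -> server, "out": server -> Internet

class EgressFirewall:
    """First-match policy. An accepted inbound connection creates state so the
    server's replies to that client are allowed back out."""
    def __init__(self):
        self.established = set()   # (client_ip, client_port, server_port)

    def decide(self, f: Flow) -> str:
        if f.direction == "in":
            if f.dst == SERVER and f.dport in PUBLISHED:
                self.established.add((f.src, f.sport, f.dport))
                return "pass"
            return "block"                            # unpublished service
        if (f.dst, f.dport, f.sport) in self.established:
            return "pass"                             # reply to a client
        if f.src == SERVER and f.dport in SERVER_OUTBOUND:
            return "pass"                             # mail relay / DNS
        # Anything else, e.g. a compromised server calling back out, is
        # blocked on the firewall, where the server cannot switch it off.
        return "block-log"

def blocked_outbound(flows):
    """Run flows through a fresh firewall and return the outbound ones it
    blocked; on a real device these log lines are the alerting signal."""
    fw = EgressFirewall()
    return [f for f in flows if fw.decide(f) == "block-log"]

if __name__ == "__main__":
    client = "198.51.100.7"
    sample = [                                        # constructed traffic
        Flow(client, 40000, SERVER, 80, "in"),        # normal web request
        Flow(SERVER, 80, client, 40000, "out"),       # its reply
        Flow(SERVER, 51000, "203.0.113.5", 25, "out"),    # outbound mail
        Flow(SERVER, 51001, "203.0.113.9", 6667, "out"),  # server calling out
    ]
    for f in blocked_outbound(sample):
        print(f"blocked outbound: {f.src}:{f.sport} -> {f.dst}:{f.dport}")
```

Because the policy and its state live on the separate device, a compromised server cannot simply disable the rule the way it could with a host-based ipchains/ipfilter rule.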
