Security Basics mailing list archives

RE: win2k firewall

From: "josh" <josh () 0x90 org>
Date: Tue, 7 Jan 2003 10:58:10 -0800

Why would you tell someone to run blackice witch has bugs in it.
If your going to have a firewall, just grab a box that is not being used
and put Openbsd on there and make your firewall that way. Much safer,
and secure

-h
-----Original Message-----
From: Daniel R. Miessler [mailto:danielrm26 () hotmail com] 
Sent: Monday, January 06, 2003 10:11 PM
To: 'H C'; security-basics () securityfocus com
Subject: RE: win2k firewall

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So...if you turn off all the services that you don't
need, and you only have ports 80 (and 443, maybe)
open, then what would be the point of the firewall?


Well, if you run something like BlackIce or another active IDS
oriented product (like snort with IPTABLES) you can watch what IS
allowed, and make sure, based on signatures/rules, that nothing
malicious is being attempted.  This is what a server firewall should
do - active intrusion detection. 

Daniel R. Miessler

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPhpvUVJwf7WiYT5vEQI1FACg86ejw4J8AM4kUg7vPWQvX5pJkqgAoI7I
mO2o3XKQcc7fUxLnAmwSEoW2
=ouTK
-----END PGP SIGNATURE-----

Current thread:

RE: win2k firewall Piacquadio, Juan (Jan 06)
- <Possible follow-ups>
- re: win2k firewall H C (Jan 06)
  - RE: win2k firewall Rick Darsey (Jan 07)
    - RE: win2k firewall H C (Jan 07)
  - RE: win2k firewall Daniel R. Miessler (Jan 07)
    - RE: win2k firewall josh (Jan 08)
    - RE: win2k firewall Daniel R. Miessler (Jan 08)
    - RE: win2k firewall H C (Jan 08)
    - RE: win2k firewall Daniel R. Miessler (Jan 08)
    - RE: win2k firewall H C (Jan 08)
    - RE: win2k firewall Daniel R. Miessler (Jan 08)
    - RE: win2k firewall Jimmy Sansi (Jan 09)
    - RE: win2k firewall Jason Dixon (Jan 11)
    - RE: win2k firewall David Gillett (Jan 13)
  - re: win2k firewall Theo Spears (Jan 08)
- RE: win2k firewall Mark S. Searle (Jan 06)

(Thread continues...)