Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: mitigating the lack of a firewall

From: "Aaron D. Turner" <aturner () vicinity com>
Date: Mon, 14 Feb 2000 15:21:58 -0800 (PST)

Well that depends.  Is the site 100% static?  If it has cgi's or ASP
scripts, those might be exploitable.  Does it need to talk to/run a
SQL server, dns server, etc?  Again, potential expoits.  What kind of
DoS attacks?  Some DoS attacks run very CPU expensive queries which
will make your server un-responsive, while others are network based.  
A firewall isn't likely to stop people from hammering your site, but
it can help stop syn attacks.

The reality is that a server protected by a firewall is more secure
than one not protected.  However a firewall isn't the silver bullet
that stops all attacks.  Wether you need a firewall is dependant on
the kind of site, the company, and the purpose.

-- 
Aaron Turner        aturner () vicinity com  650.237.0300 x252
Security Engineer                         Vicinity Corp.        
Cell: 408-314-9874  Pager: 650-317-1821   http://www.vicinity.com

On Sat, 12 Feb 2000, Bruce H. Nearon wrote:


Suppose an Internet site does not have a firewall.  Can a securely
configured IIS 4.0 server running under securely configured NT 4.0
protect the site from unauthorized access and denial of service attacks?

Bruce Nearon, CPA
The Cohn Consulting Group
Roseland, New jersey
Previous By Date Next
Previous By Thread Next

Current thread: