Firewall Wizards mailing list archives
Re: mitigating the lack of a firewall
From: "Aaron D. Turner" <aturner () vicinity com>
Date: Mon, 14 Feb 2000 15:21:58 -0800 (PST)
Well that depends. Is the site 100% static? If it has cgi's or ASP scripts, those might be exploitable. Does it need to talk to/run a SQL server, dns server, etc? Again, potential expoits. What kind of DoS attacks? Some DoS attacks run very CPU expensive queries which will make your server un-responsive, while others are network based. A firewall isn't likely to stop people from hammering your site, but it can help stop syn attacks. The reality is that a server protected by a firewall is more secure than one not protected. However a firewall isn't the silver bullet that stops all attacks. Wether you need a firewall is dependant on the kind of site, the company, and the purpose. -- Aaron Turner aturner () vicinity com 650.237.0300 x252 Security Engineer Vicinity Corp. Cell: 408-314-9874 Pager: 650-317-1821 http://www.vicinity.com On Sat, 12 Feb 2000, Bruce H. Nearon wrote:
Suppose an Internet site does not have a firewall. Can a securely configured IIS 4.0 server running under securely configured NT 4.0 protect the site from unauthorized access and denial of service attacks? Bruce Nearon, CPA The Cohn Consulting Group Roseland, New jersey
Current thread:
- mitigating the lack of a firewall Bruce H. Nearon (Feb 14)
- Re: mitigating the lack of a firewall R. DuFresne (Feb 15)
- RE: mitigating the lack of a firewall Phil Cox (Feb 15)
- Re: mitigating the lack of a firewall Aaron D. Turner (Feb 15)
- Re: mitigating the lack of a firewall Ryan Russell (Feb 15)
- Message not available
- Re: mitigating the lack of a firewall Marcus J. Ranum (Feb 15)
- Re: mitigating the lack of a firewall R. DuFresne (Feb 15)
- <Possible follow-ups>
- RE: mitigating the lack of a firewall Starkey, Kyle (Feb 15)
- RE: mitigating the lack of a firewall David LeBlanc (Feb 16)
- Re: mitigating the lack of a firewall Malcolm Holser (Feb 17)
- RE: mitigating the lack of a firewall Burden, James (Feb 24)