Re: request for pointer to simple firewall info
From: Anonymous Coward (acoward_at_mail.ru)
Date: 10/29/04
- Previous message: PiotrAF: "Re: OpenBSD 3.5 network initial install"
- In reply to: jpd: "Re: request for pointer to simple firewall info"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 29 Oct 2004 03:37:15 -0700
jpd <read_the_sig@do.not.spam.it> wrote in message news:<1098997077.545230@entelocal.ipberlin.com>...
> Also, if you
> have a machine that does certain things (samba share?) for the local
> network but you don't want to provide that to a wider audience, and for
> whatever reason there is no ``shared'' firewall, you might want to use
> one on the local machine.
Understood. My emphasis was on the situation where there is no local
network, and no machines have any special privileges at the network
level.
> There can be more reasons. Mind that a firewall has become a ``must
> have'' in the minds of the great unwashed, for they use systems for
> which they cannot figure out how to properly configure ``the network
> side'', if indeed that is possible at all.
This applies to me, for some of the other OSs I run, so I have an
offtopic (relative to the newsgroup) question: have contemporary OSs
generally solved their tcp/ip stack vulnerabilities, so that they
actually can be run securely without firewalls, as you've explained
openbsd in particular can? The win95 codebase had tcp/ip stack
problems, but my impression is that on contemporary w2k, linux, and
bsd systems, the remote security vulnerabilities are all higher up, at
the application level, in services running on the system and in the
programs to which those services have access (the recent linux 2.6
kernel problem notwithstanding).
- Previous message: PiotrAF: "Re: OpenBSD 3.5 network initial install"
- In reply to: jpd: "Re: request for pointer to simple firewall info"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
