[oclug]why firewall?
gabriel
the.angel.gabriel at rogers.com
Fri Nov 29 11:20:11 EST 2002
a properly configured firewall does more than just lock down ports. it will
prevent people from connecting to port 80 with the wrong bits set (ie. FIN,
ACK, /and/ SYN all set at the same time). it also protects against DOS
attacks, again, if configured correctly. people attacking a port spoofing
their address can also be filtered out in some cases, and of course,
firewalls will also let you drop packets coming from hosts you don't want to
have ANY access to your machine. they're a good plan, even if you keep your
software up to date.
On November 29, 2002 10:20 am, Michael P. Soulier wrote:
> Hey people.
>
> Everyone seems to put a lot of faith in firewalls to protect them these
> days. I have a question on this issue.
>
> If the box providing my access is running no services that I need
> internally but not externally, why firewall it at all? If, for example, I
> plan to open port 22 and 80 for sshd and apache, respectively, and run no
> other services, then this box doesn't need a firewall, does it? Traffic
> arriving on other ports will be dropped, and traffic to 22 and 80 are let
> in the firewall anyway.
>
> Is that a fair assessment?
>
> I'm asking because I keep hearing people insisting they need firewalls
> when I'm not convinced it will protect them from anything. I only use one
> because I _am_ running services on my firewall box that I don't want
> accessible from the external network.
>
> Cheers,
> Mike
--
commander, please. on the issue of galactic peace, i am long past innocence
and fast approaching apathy. it's all a game -- a paper fantasy of names and
borders. only one thing matters, commander. blood calls out for blood.
- londo molari, babylon 5 season 1 "midnight on the firing line"
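
Added example, not part of the original thread: a stateless sketch of the flag check the reply describes, where a segment aimed at an open port (80) is still dropped because FIN, ACK and SYN are all set. The function names, the sample headers and the 22/80 allow-list are assumptions made for illustration; a real firewall does this in the kernel and usually adds connection tracking.

```python
import struct

# TCP flag bits, low 6 bits of header bytes 12-13 (RFC 793).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def build_header(dport, flags, sport=40000):
    """Constructed sample: a bare 20-byte TCP header with no options."""
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0,
                       (5 << 12) | flags, 8192, 0, 0)

def tcp_flags(segment):
    """Extract the flag bits from a raw TCP header."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    offset_flags, = struct.unpack_from("!H", segment, 12)
    if (offset_flags >> 12) < 5:
        raise ValueError("data offset below the 20-byte minimum")
    return offset_flags & 0x3F

def illegal_reason(flags):
    """Name the rule a flag combination breaks, or return None."""
    if flags == 0:
        return "no flags set"
    if flags & SYN and flags & FIN:
        return "SYN and FIN together"
    if flags & SYN and flags & RST:
        return "SYN and RST together"
    if flags & FIN and not flags & ACK:
        return "FIN without ACK"
    return None

def decide(segment, open_ports=(22, 80)):
    """Stateless verdict: flag sanity first, then the port allow-list."""
    flags = tcp_flags(segment)
    dport, = struct.unpack_from("!H", segment, 2)
    reason = illegal_reason(flags)
    if reason:
        return ("DROP", reason)
    if dport not in open_ports:
        return ("DROP", "port not allowed")
    return ("ACCEPT", "ok")

if __name__ == "__main__":
    for dport, flags in [(80, SYN), (80, FIN | ACK | SYN), (22, 0), (23, SYN)]:
        print(dport, format(flags, "06b"), decide(build_header(dport, flags)))
```

Without the flag check, the second sample would reach the web server's TCP stack because port 80 is open either way; that is the difference the reply points to.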