Tom Kitta said:
> Using just Windows packet filtering is not enough, it is stateless
> and doesn't offer much protection. It is better than nothing at all,
> but not much more.
It is sufficient. If you are suffering from attacks that start messing
with for instance syn flags *and* are subtle enough to pass the
router, you have bigger problems anyway.
> Here is my estimate of the security your windows box:
> 1 no firewall at all
> 2 using MS build-in packet filter
> 3 personal firewall
> 4 using a router with a firewall
> 5 using "real" firewall that is statefull on common OS
> 6 using "real" firewall that is statefull on dedicated OS
> 7 using "real" proxy firewall on common OS
> 8 using "real" proxy firewall on dedicated OS
I would swap 2 and 3.
Also, 4 to 8 might have different positions depending on what you are
ranking exactly. I would rank a Cisco router with dedicated hardware
firewall blades a bit higher as a "real" firewall on common OS.
Jochem
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
- OT-Firewall Eric Creese
- Re: OT-Firewall Jochem van Dieten
- RE: OT-Firewall Tom Kitta
- RE: OT-Firewall Taco Fleur
- RE: OT-Firewall Eric Creese
- Re: OT-Firewall Jochem van Dieten
- RE: RE: OT-Firewall Mike Brunt
- Re: OT-Firewall Jochem van Dieten
- RE: OT-Firewall Tom Kitta
- Re: OT-Firewall Jochem van Dieten
- Re: OT-Firewall Jim McAtee
- RE: OT-Firewall Eric Creese
- RE: OT-Firewall Tony Weeg
- RE: OT-Firewall Tom Kitta
- RE: OT-Firewall Nathan C. Smith
- RE: OT-Firewall Alan Rafael Bleiweiss
- RDS looking for disk in A: Drive??? Mark W. Breneman
- RE: OT-Firewall Cary Gordon