>I realize you're after an answer for a software based firewall, but what we're >trying to tell you in a not so helpful way is that it isn't recommended to put >a software firewall on an OS. It adds overheard, can cause instability, and if >you're that worried about malware sending things from your box then you have a >bigger issue than a firewall will help. > > The recommended method is a hardware based firewall, put the server in a DMZ > behind the firewall and it's not allowed to be touched with anything besides > the approved upon open ports, and put antivirus on the computer. Keep up with > updates and patches and your server will be just fine. Also if you can try to > move different services to different servers so if there is a 0 day > vulnerability it will only affect one server. > > > > Bob Everland
Thanks Bob....and we are doing most of that now....I'm simply paranoid and prefer to err on the side of caution...and being a DEV server, performance is less of an issue. A note about my comments on Zone Alarm not allowing malware to "phone home"... I really could care less if it does, but I do like to at least help impede the flow of these things (like back in the days of NIMDA...trapped that sucker so it couldn't send itself out to others...just sat on my drive and self-replicated). Cheers Bryan Stevenson B.Comm. VP & Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: [EMAIL PROTECTED] web: www.electricedgesystems.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:243235 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
