You forgot one other problem with software firewalls, Bob:  Since the
firewall is installed on top of the OS it suffers from any/all
vulnerabilities that are present in the OS itself.

On 6/12/06, Robert Everland III <[EMAIL PROTECTED]> wrote:
> I realize you're after an answer for a software based firewall, but what 
> we're trying to tell you in a not so helpful way is that it isn't recommended 
> to put a software firewall on an OS. It adds overheard, can cause 
> instability, and if you're that worried about malware sending things from 
> your box then you have a bigger issue than a firewall will help.
>
> The recommended method is a hardware based firewall, put the server in a DMZ 
> behind the firewall and it's not allowed to be touched with anything besides 
> the approved upon open ports, and put antivirus on the computer. Keep up with 
> updates and patches and your server will be just fine. Also if you can try to 
> move different services to different servers so if there is a 0 day 
> vulnerability it will only affect one server.
>
>
>
> Bob Everland
>
> 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:243237
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54

Reply via email to