>Let's say, for the point of demonstration (and what's usually the case), >that the network consists of one box hooked to a broadband connection. >This box is the user's primary computer, used for everything, including the >software firewall. > >A software firewall running on this box has, by definition, *already* >failed its basic "raison d'�tre," if you will. It can't block any traffic >from getting to the box it's supposed to protect simply because *IT IS >RUNNING ON THAT BOX*. In order to detect any of the traffic, it *has* to >let it through, thus compromising the box.
This here is not actually true. DoorStop hacks itself into Open Transport's TCP stack and sits between OT and the networking software. When a packet comes in over the TCP network, DoorStop looks at it and either passes it on or drops it to the floor. The networking software never notices the difference. I used this stuff to share files over IP with a guest account while I was at school, but only to people on campus. Worked like a charm, when I nmap'ed it from off campus, it showed the port closed, but from where it was allowed, it showed the port open. software firewalls aren't totally junk, but unless you have a specific NEED for them, I don't believe in firewalls at all. -Tyler -- Compact Macs is sponsored by <http://lowendmac.com/> and... SPECIAL LIST PRICES - Replacement Apple CDROMs from $19.99, MacOS 8.5 CD $79.99 PPC 5400/200Mhz 16/1.6GB/CD/ENET/L2 $119, 5+ for $99 <mailto:[EMAIL PROTECTED]> Support Low End Mac <http://lowendmac.com/lists/support.html> Compact Macs list info: <http://lowendmac.com/lists/compact.shtml> The FAQ: <http://macfaq.org/> Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive:<http://www.mail-archive.com/compact.macs%40mail.maclaunch.com/> Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
