On Sat, 09 Jan 2010 12:11:23 -0000, Keith Edmunds <k...@midnighthax.com> wrote:
> Interesting. Care to summarise how the two methods differ? An example from our coursework - people gained marks for putting a not putting firewall between an internet connect and a web-server. Those who put a firewall between did not receive the marks. Of the people I know who did use a firewall they worked the system internet connection -> firewall -> web server. With access to non-web ports (for remote access - I used 22 for ssh some people used more Microsoft focussed ports - honestly remote desktop on a web server?) only allowed from a restricted list of ip addresses or something. With this mark being 'lost' it was defended for a) security and b) resiliancy. If there is a firewall between the server and the internet then some protection from DDoS and other attacks can be put in place. The lecturer just stood and said, web servers should be open to the web so you don't need a firewall. Like I say, even justified and (personally) correct answer just don't fit into his 10 year old text-books so they are wrong. -- Using Opera M2: http://www.opera.com/mail/ -- Next meeting: Dorchester, Tuesday 2010-01-12 20:00 *New date* Dorset LUG: http://dorset.lug.org.uk/ Chat: http://www.mibbit.com/?server=irc.blitzed.org&channel=%23dorset List info: https://mailman.lug.org.uk/mailman/listinfo/dorset