On Wednesday 13 August 2003 08:18 pm, morning_wood wrote: > re - Zone Alarm > > buy a $40 hardware router. Software firewalls are not a = > security solution IMHO." > > http://www.netsys.com/full-disclosure/2003/06/msg00074.html >
No... But they ARE a part of a 'defense in depth' stance. I don't want the elastic/evaporating perimeter to be the only thing in front of a chewy center. All machines should be hardened and defended - regardless. I got working IPChains, pf/ipf and Tiny , on every workstation. I have a big FW at the edges, which in turn screens different service nets - each walled by protocol from my server and user segments. I bet you don' do it much different. I am built the same at home... -- Jeremiah Cornelius, CISSP, CCNA, MCSE farm9 Security email: [EMAIL PROTECTED] - mobile: 415.235.7689 "What would be the use of immortality to a person who cannot use well a half hour?" --Ralph Waldo Emerson _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html