--- JW <[EMAIL PROTECTED]> wrote:
> At 09:42 PM 9/12/2001 -0400, you wrote:
> >> 7. Firewalls
> >> Need to look into firewalls and packet filters, though I fail to have
> >> any confidence in them.
> >
> >You're not running a firewall??
>
> Ah, I knew that would produce results. I admit I have not done a whole
> lot of looking into firewalls, but I must say, they seem to be fairly
Do let us know if you feel the same way once your entire network is
owned.
> useless in my sight. I can only think of one single thing they help:
> we could restrict SSH access to only our office, however we do travel
> and take vacations, and we always take laptops with us so we can log
> in. But since we never know where we'll be logging in from, we have to
> leave SSH access open from all IPs.
Apparently you are not familiar with OTP (one-time passwords) and secure
keys.
>
> Tell me, would a firewall have stopped code red? We have to allow
No, using a decent OS would have stopped code red. Here's a newsflash:
Code red only affected M$ servers.
> full access to pop3, SMTP (incoming), HTTP, FTP and SSH from everywhere.
And you're tunneling all of the above through SSH, correct?
> Tell me, when the next big remote-root-compromise comes out for
> $HTTPd, or PHP, or $FTPd, or $pop3d, or $SSHd, is a firewall going to
> protect us from any of them?
>
> And as far as hiding services from outsiders with a firewall, I have a
> much better idea: remove the service entirely, telnetd being an
> example.
>
> Is a firewall going to protect us from password sniffing?
No, using encryption will.
>
> Is a firewall going to prevent someone who successfully breaks in from
> running a backdoor? I think not, because once they're in they can
> modify the firewall.
And they don't get in if you know how to properly secure your network.
>
> Please, I'm not saying I know everything. In fact, though it won't be
> 100% true, I'll blanket state that I "know nothing about firewalls."
>
> Now, if anyone has wise things to say about this, can someone answer
> any of my questions above, or tell me some useful things a firewall
> does that I missed, please fire away.
>
> Please be nice about it. As I said already, I might just simply not
> be aware of the magical things firewalls can do.
So, we have to be nice to you, as you flaunt your ignorance with extreme
arrogance?
>
> Somehow I doubt it though.
Please give me the IP of any one of your servers. I'm kinda bored.
>
> Please don't flame me, I'm not trying to hurt anyone's feelings, and I
> didn't say firewalls did nothing. I just don't /know/ of anything they
> do.
Then stop shooting off your mouth. The fact that you are responsible
for any corporate network is truly sickening. Do your superiors know
that you are utterly unqualified for your position?
=====
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Lonni J. Friedman [EMAIL PROTECTED]
Linux FAQ & Step-by-step help: http://netllama.ipfox.com