Chang wrote:
% you were talking about damages from within? well... what can I say...
% 
% > Relying on a firewall alone is not "security" to any kind of professional
% > industry standard. Unfortunately, it is a very common configuration.

No, what Burns meant (if I may) is that far too many organizations
believe a firewall is sufficient protection against attack, which it
isn't. If your only security tool is a firewall, you have nothing to
protect your internal network once the firewall is breached -- under
sustained attack, *any* net-connected firewall can be breached -- so,
for example, those clear text passwords that telnet and the r*
services pass around are easily snooped. On the other hand, if you
disable telnet and r* services internally and require the use of SSH,
packet sniffers won't catch clear text passwords because there aren't
any to catch.

Properly conceived security is comprised of layers of protection, not
some electronic equipment of the Maginot line that airplanes can fly
right over.

Kurt
-- 
Never make anything simple and efficient when a way can be found to
make it complex and wonderful.
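
A check for the hardening step described in the message above (disabling telnet and the r* services), added here as an illustration and not part of the original post. It assumes a classic inetd.conf layout and the /etc/services names telnet, shell (rsh), login (rlogin) and exec (rexec); the function names and the sample file are constructed for this example.

```shell
#!/bin/sh
# Added example: report cleartext login services that are still enabled
# in an inetd.conf-style file.

# cleartext_services FILE -> one enabled cleartext service name per line
cleartext_services() {
    awk '
        /^[ \t]*#/ { next }    # a commented-out entry is disabled
        NF >= 6 && $1 ~ /^(telnet|shell|login|exec)$/ { print $1 }
    ' "$1" | sort -u
}

# Constructed sample input, not taken from a real host.
sample_inetd_conf() {
    cat <<'EOF'
# <service> <socket> <proto> <wait> <user> <server> <args>
telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp  nowait  root  /usr/sbin/tcpd  in.rshd
login   stream  tcp  nowait  root  /usr/sbin/tcpd  in.rlogind
ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd
EOF
}

# audit FILE -> returns 0 if no cleartext login service is enabled, else 1
audit() {
    found=$(cleartext_services "$1")
    if [ -n "$found" ]; then
        # $found is left unquoted on purpose so the names join on one line
        echo "cleartext login services enabled:" $found
        return 1
    fi
    echo "no cleartext login services enabled"
    return 0
}

# Demo run against the constructed sample.
tmp=$(mktemp)
sample_inetd_conf > "$tmp"
audit "$tmp" || true
rm -f "$tmp"
```

Run against a copy of each internal host's inetd.conf, a non-zero exit from `audit` marks a machine where passwords can still cross the wire in clear text.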