On 8/04/2009, at 10:32 AM, Karl Auer wrote:
I'd be interested to hear why people use firewalls. I've never felt
the
need, myself - am I living in a fool's paradise?
End hosts are not always trustworthy.
If a host is compromised, should it be able to send anything and
everything out to the public network?
If a host is a desktop PC controlled by an end user, should it be able
to send and receive anything it wants?
IMO, host based filtering and ACLs (either firewalls or router ACLs or
whatever) in the network should both be used. They fulfil different
needs.
--
Nathan Ward