Cool. Thanks for the quick reply.

And now to throw a little flame bait to all the cyber security fishes. Are, 
or can, proxy based firewalls be less secure because they are running a 
proxy service?

Which brings me to a question I've been wanting to ask for a long time.

If you read firewall books, docs, lists, etc, people often say that you 
shouldn't run anything on your firewall box. No services, etc. So if I have 
one machine running iptables and I want to run squid or an NIDS or HIDS I 
should have a second machine for each "service". If I just have a home 
machine is it o.k. to run that stuff on it?

My scenario is just a home machine with a dialup connection. I'd like to run 
iptables, maybe squid for setup experience, nmap and maybe snort and 
tripwire. Not sure if snort is just NIDS or HIDS as well. If it does HIDS 
and NIDS then I would run it alone.

Thanks.

Steve


>From: "Steve Bremer" <[EMAIL PROTECTED]>
>To: "Steven Ackerman" <[EMAIL PROTECTED]>
>CC: [EMAIL PROTECTED]
>Subject: Re: Cracking Servers W/O open ports: Packet Filter Firewall
>Date: Fri, 12 Jul 2002 14:20:10 -0500
>
>
>
> > solution, right?) and so they are very difficult to crack. Could you
> > please elaborate on that.
>
>Sure can.  I left out a word in that sentence.  I meant to say:
>
>"Machines that are used as a packet filtering firewall often fall into
>this category."
>^^^^^
>
>I say that because often times, at least in my experience, a packet
>filtering firewall is configured with no services running so that they
>become very difficult to attack.
>
>Steve Bremer
>

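An added example (not from either Steve's message) of the check this thread circles around: if you do put squid or another service on the iptables box, find out which listeners are bound on every interface and keep them off the dialup side. The socket list below is constructed in `ss -Hltn` style, and the interface names (ppp0 for the dialup link, eth0 for the LAN) are assumptions.

```shell
#!/bin/sh
# Audit listening services on the firewall host and print iptables rules that
# allow them only from the LAN interface. Nothing is applied; rules are printed.
# Interface names and the sample socket list are assumptions for illustration.

# Constructed sample in `ss -Hltn` style: state, recv-q, send-q, local address:port.
# On a real box, replace this with the output of `ss -Hltn`.
SAMPLE_SOCKETS='LISTEN 0 128 127.0.0.1:631
LISTEN 0 128 0.0.0.0:3128
LISTEN 0 128 0.0.0.0:22
LISTEN 0 128 192.168.1.1:53'

# Print the port of every listener bound to all addresses (0.0.0.0, * or ::),
# i.e. the services a peer on the dialup link could reach unless filtered.
exposed_ports() {
    printf '%s\n' "$SAMPLE_SOCKETS" | awk '
        $1 == "LISTEN" {
            n = split($4, a, ":"); addr = a[1]; port = a[n]
            if (addr == "0.0.0.0" || addr == "*" || addr == "::") print port
        }'
}

# Emit an INPUT policy: loopback and replies are fine, each exposed service is
# accepted from the LAN interface only and dropped on the dialup interface,
# and everything else to the host itself is dropped by default.
firewall_rules() {
    WAN=${1:-ppp0}; LAN=${2:-eth0}
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for p in $(exposed_ports); do
        echo "iptables -A INPUT -i $LAN -p tcp --dport $p -j ACCEPT"
        echo "iptables -A INPUT -i $WAN -p tcp --dport $p -j DROP"
    done
    echo "iptables -P INPUT DROP"
}

firewall_rules "$@"
```

With the sample above, only squid (3128) and sshd (22) show up as exposed; the CUPS listener on 127.0.0.1 and the DNS listener bound to the LAN address are already unreachable from the dialup link.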