Further adventures in Firewall upgrades
Dustin Decker
dustind at moon-lite.com
Mon Apr 8 16:36:50 CDT 2002
I'm gonna add my own touch of a rant here as well, but it's bound to be
a short one.
In quickly browsing a list of the various packages and such that the
Mandrake SNF post contained, I see someone breaking some serious "rules"
in the firewall vein. Firewalls are generally meant to be bastion
hosts, with little or no services running on them. Those that are
present obviously need to be hardened. In the event that you actually
get this host up and running, I'm not all that sure I would trust it to
provide signifigant security improvements.
Dustin
--
He who knows not and knows that he knows not is ignorant. Teach him.
He who knows not and knows not that he knows not is a fool. Shun him.
He who knows and knows not that he knows is asleep. Wake him.
More information about the Kclug
mailing list