[geeks] Fedora question regarding firewalls in general...
Phil Stracchino
alaric at metrocast.net
Sat Mar 27 12:09:59 CDT 2010
On 03/27/10 09:24, Michael C. Vergallen wrote:
> On 03/27/2010 01:23 PM, Lionel Peterson wrote:
>
>> Your ISP is likely ONLY blocking 'normal service' ports, not all ports,
>> so I'd run a firewall at the ISP connection interface if I were you.
>
> I do this on my gateway machine (Sun Ultra 1) which also acts as a (DMZ)
> for the network. Then I have the 2 server machines (one multimedia
> server on a gigabit network, i.e. 192.168.1.x, one for my data and all the
> rest 192.168.0.x with a bridge between both segments) which allow only
> local network connections 192.168.x.x.) Now in this situation is adding
> extra firewall stuff to the 30 odd machines (The collection) & 5
> workstations around the house needed? To me those machines (Collection
> & workstations) are not vulnerable to attack or am I wrong?

EVERYTHING is vulnerable to attack. It's a question of controlling and
limiting the vulnerabilities as best you can, closing holes as you
become aware of them, and proactively planning for security. But there
will ALWAYS be an attack that you haven't planned for because you don't
know it exists.

All you can do is try to be generally secure enough that when someone
discovers the hole and tries to use it against you, they're unable to
exploit it because something else you're already doing breaks the
exploit chain.
--
Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355
alaric at caerllewys.net alaric at metrocast.net phil at co.ordinate.org
Renaissance Man, Unix ronin, Perl hacker, Free Stater
It's not the years, it's the mileage.