Date: Thu, 19 Sep 1996 23:42:11 +1000 (EST) From: Julian Assange <proff@suburbia.net> To: davidn@sdev.blaze.net.au (David Nugent) Cc: roberto@keltia.freenix.fr, hackers@FreeBSD.org, security@FreeBSD.org Subject: Re: Could use a favor Message-ID: <199609191342.XAA01275@suburbia.net> In-Reply-To: <Pine.BSF.3.95.960918160936.2777O-100000@sdev.blaze.net.au> from "David Nugent" at Sep 18, 96 04:14:38 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > I'm familiar with the theory of firewalls, but have never run > one so I lack the experience to fully understand this. But this > reply caught my attention. > > Why is an (effectively) disabled firewall "dangerous"? Is it more > "dangerous" or exposed to security problems than a machine that > has been configured without a firewall at all? > > David Nugent, Unique Computing Pty Ltd - Melbourne, Australia > Voice +61-3-791-9547 Data/BBS +61-3-792-3507 3:632/348@fidonet > davidn@blaze.net.au http://www.blaze.net.au/~davidn The problem is that the interface may go up before you have added all your firewall rules creating a window of opportunity for the attacker. -- "Of all tyrannies a tyranny sincerely exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies, The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for own good will torment us without end, for they do so with the approval of their own conscience." - C.S. Lewis, _God in the Dock_ +---------------------+--------------------+----------------------------------+ |Julian Assange RSO | PO Box 2031 BARKER | Secret Analytic Guy Union | |proff@suburbia.net | VIC 3122 AUSTRALIA | finger for PGP key hash ID = | |proff@gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 | +---------------------+--------------------+----------------------------------+
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609191342.XAA01275>