From owner-freebsd-hackers  Thu Sep 19 06:42:36 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id GAA10060
          for hackers-outgoing; Thu, 19 Sep 1996 06:42:36 -0700 (PDT)
Received: from pdx1.world.net (pdx1.world.net [192.243.32.18])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA10041;
          Thu, 19 Sep 1996 06:42:34 -0700 (PDT)
Received: from suburbia.net (suburbia.net [203.4.184.1]) by pdx1.world.net (8.7.5/8.7.3) with ESMTP id GAA07112; Thu, 19 Sep 1996 06:42:33 -0700 (PDT)
Received: (proff@localhost) by suburbia.net (8.7.4/Proff-950810) id XAA01275; Thu, 19 Sep 1996 23:42:11 +1000
From: Julian Assange <proff@suburbia.net>
Message-Id: <199609191342.XAA01275@suburbia.net>
Subject: Re: Could use a favor
To: davidn@sdev.blaze.net.au (David Nugent)
Date: Thu, 19 Sep 1996 23:42:11 +1000 (EST)
Cc: roberto@keltia.freenix.fr, hackers@FreeBSD.org, security@FreeBSD.org
In-Reply-To: <Pine.BSF.3.95.960918160936.2777O-100000@sdev.blaze.net.au> from "David Nugent" at Sep 18, 96 04:14:38 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-hackers@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

> 
> I'm familiar with the theory of firewalls, but have never run
> one so I lack the experience to fully understand this. But this
> reply caught my attention.
> 
> Why is an (effectively) disabled firewall "dangerous"? Is it more
> "dangerous" or exposed to security problems than a machine that
> has been configured without a firewall at all?
> 
> David Nugent, Unique Computing Pty Ltd - Melbourne, Australia
> Voice +61-3-791-9547 Data/BBS +61-3-792-3507 3:632/348@fidonet
> davidn@blaze.net.au http://www.blaze.net.au/~davidn

The problem is that the interface may go up before you have added all
your firewall rules creating a window of opportunity for the attacker.

-- 
"Of all tyrannies a tyranny sincerely  exercised for the good of its victims  
 may be the most  oppressive.  It may be better to live under  robber barons  
 than  under  omnipotent  moral busybodies,  The robber baron's  cruelty may  
 sometimes sleep,  his cupidity may at some point be satiated; but those who  
 torment us for own good  will torment us  without end,  for they do so with 
 the approval of their own conscience."    -   C.S. Lewis, _God in the Dock_ 
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff@suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff@gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+