Date: Tue, 19 Nov 2002 09:15:22 +0000 (GMT) From: Avleen Vig <lists-freebsd@silverwraith.com> To: Pierrick Brossin <pbrossin@swissgeeks.com> Cc: Giorgos Keramidas <keramida@ceid.upatras.gr>, Greg 'groggy' Lehey <grog@FreeBSD.ORG>, "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: FreeBSD Easy Server Message-ID: <20021119090804.T53207-100000@apple.silverwraith.com> In-Reply-To: <1037693245.3dd9f13d570f2@www.swissgeeks.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 19 Nov 2002, Pierrick Brossin wrote: > > Then don't enable one. A badly configured firewall is arguably worse > > than no firewall at all. > wow no firewall is such a nice idea. > just kidding.. your server is then open to anyone. Errrr.. The only real benefits you get from a firewall are: 1) controlling which IP addresses can access a service 2) *maybe* bandwidth shaping. *maybe*. 3) packet re-writing. 3) is one of the least used in my experience (having worked as a security officer for several years). 2) arguable whether this is part of your filtering firewall or the routing mechanism within the firewall. 1) Unless you're running a service that you want to restrict the service to specific IP's, and that applications doesn't understand TCP wrappers, this doesn't help. 'man blackhole' too To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021119090804.T53207-100000>