Our topic last night was: "Firewalls --- why you need 'em, how to defeat
'em".
Three basic types of firewalls:
1. packet filers
a. this is what unix users love to rely on
b. ports, IPs, types of connections (SYN/ACK) (incoming & outgoing) are
intelligently managed
c. efforts made to stop hackers
2. application firewalls
a. essential for windows machines (zone alarm is probably the best, and
it's free)
b. allows/disallows individual applications (Internet Exploder, Word)
Internet connectivity
c. helpful in spotting scripts/viruses attemting to call home
3. proxies
a. shield your client or server from the internet
b. connections are made to the proxy from behind the firewall, and a
second connection is made to the remote server
c. can run insecure app behind a proxy and thus be shielded from remote
exploits (I use this for irc regularly)
It is useful to layer your firewalls (and any other security scheme).
Use of a packet filter plus proxies for your insecure apps make you less
prone to attack. Zone Alarm does this, in that it is both a packet
filter and application firewall.
Just because you have a firewall doesn't mean that you're secure. If
your firewall blocks everything except ssh and http, and your apache
install has exploitable holes in it, you're still going to get cracked.
^C
Stay tuned for exciting scenes from our next episode.
-- Joey Kelly Linux consultant in New Orleans, Louisiana, USA http://kellynet.dhs.org --- Alcohol and Calculus don't mix. Never drink and derive. ___________________ Nolug mailing list nolug@nolug.orgReceived on 10/18/02
This archive was generated by hypermail 2.2.0 : 12/19/08 EST