I think firewalls are overrated. They only do anything if there are some *unsecured* computers on your network that need protection. It's better to just lock down every machine, that way you're also protected from internal attacks. Really, the only thing I think that justifies them is port blocking. Your router can already do ip based filtering. Now how do you decide what ports to block? It turns out you have to be a little facist about it. Because you're deciding for other people what ports they "should" be using and which ones they "shouldn't". Windows is an operating system that probably does need protection though.
At 08:31 PM 3/29/00 -0700, Kevin wrote: >router, then to the servers. I'm curious what kind of effect having a >firewalled router will have on the dialup customers as well as certain >servers like a shell provider. Also what would I firewall from the router. >I don't want to really restrict any ports for end dialup users as I've had You can have your firewall restrict ports on a per ip basis. +-------------------------------------------------------------------+ | -=I T ' S P R I N C I P L E T H A T C O U N T S=- | |=- -=ALAN KEYES FOR PRESIDENT=- -=| | Balanced Budgets Personal Freedoms Morality Lower Tax | |=-- http://www.Keyes2000.com. --=| +———————————————————————————————————————————————————————————————————+
