On Fri, Apr 19, 2002 at 11:22:56AM -0400, Shawn McMahon wrote:
| begin Noah Meyerhans quotation:
| > HA! That's the most rediculous thing I've ever heard on this list.
|
| "ridiculous".
|
| > The
| > only thing a firewall is good for is to provide you with a false sense
| > of security.
|
| A firewall is a useful tool for securing a network. If you don't know
| enough about security to know that, you shouldn't be pontificating on
| the subject in a public list. Like any other tool, it is neither
| necessary nor sufficient in and of itself.
|
| > If you want to be able to run services like web or mail
| > servers, you by definition must start punching holes in your firewall.
|
| And, of course, opening a single hole in a firewall makes it completely
| useless. NOT. Go away, troll.
Noah isn't a troll. He absolutely right here -- if you run a mail
server, no firewall will prevent you from becoming an open relay.
The only firewall that will prevent your mail server from being an
open relay is one which disconnects the mail server from the rest of
the world (and prevents you from getting any mail at all). If you are
to run a mail server you have to open TCP port 25. Once you've done
that, your firewall doesn't help you on port 25 and you must then look
to other means for securing that part of your system/network.
Noah (and I) didn't say a firewall was useless, just that discussing
firewalls when the problem is a (potential) mail relay is wholly
pointless.
-D
--
Pride goes before destruction,
a haughty spirit before a fall.
Proverbs 16:18
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
