On Saturday 24 May 2008 04:19:20 pm Todd A. Jacobs wrote: > On Sat, May 24, 2008 at 11:47:05AM -0700, Paul Johnson wrote: > > I see no advantage to host-based firewalls that couldn't be better > > served by a router doing filtering at the edge of the network. > > There's no reason to expose machines directly to the internet. > > Internal threats? A compromised host? Lazy sysadmins? Ignorant users? > How would your perimeter security help there?
You can't solve social problems with technological means effectively. Odds are, if they're on your internal network and you consider them a security threat, you have deeper security problems than can't be solved short of door locks and ensuring nobody outside can get a connection. -- Paul Johnson [EMAIL PROTECTED] Explaination of .pgp part: http://linuxmafia.com/faq/Mail/rant-gpg.html
signature.asc
Description: This is a digitally signed message part.
