On 05/25/08 14:03, Paul Johnson wrote:
> On Saturday 24 May 2008 04:19:20 pm Todd A. Jacobs wrote:
>> On Sat, May 24, 2008 at 11:47:05AM -0700, Paul Johnson wrote:
>>> I see no advantage to host-based firewalls that couldn't be better
>>> served by a router doing filtering at the edge of the network.
>>> There's no reason to expose machines directly to the internet.
>>
>> Internal threats? A compromised host? Lazy sysadmins? Ignorant users?
>> How would your perimeter security help there?
>
> You can't solve social problems with technological means effectively. Odds
> are, if they're on your internal network and you consider them a security
> threat, you have deeper security problems that can't be solved short of door
> locks and ensuring nobody outside can get a connection.

What Todd is referring to is Defense In Depth, i.e. a layered defense.

--
Ron Johnson, Jr.
Jefferson LA USA

ESPN makes baseball players better.