[BUGS] firewalls

[Jerahmy Pocott]

On 22/12/2007, at 3:20 PM, Dean Hamstead wrote:

> if you audit which ports are open, then you will have a very similar
> affect as just 'blindly' allowing ports you want. as those ports wont
> be open.
>
> so closing everything up is good practice, but a careful audit
> has much of the same results.
>
> this may be considered bad advise, but i would consider not knowing
> what is supposed to be running on your machine to be just as  
> inadvisable!

I would consider that good advice!

A well configured machine does not need a firewall to protect from in  
coming connections. Firewalls are good for protecting a network but  
I'v never seen much point in 'personal' firewalls on internal systems.

Configure your services and know what's running. This should be the  
case with a firewall or not and is far more important than having even  
the greatest firewall ruleset ever..