The firewall on an isp should be used to block certian out going traffic. Ie if a web server is for only recieveing and never sends out it should not beallowed to send out. If the firewall was right on the web server and the web server was rooted. It could take the firewall down and get full access to the network.
The firewall is used to stop traffic and log traffic. If it runs lots of extra services it will has that much more of a chance to be rooted and disabled. If it is rooted logs can be deleted or edited if they are stored on that machine and they should not be. Sorry for my bad explaintion my english is not the best. Charles Verge The Verge Internet Services http://www.theverge.com The place for your site ! On Tue, 4 May 1999, Ken Stanley wrote: > Just out of curiousity why would you limit a perfectly fine PC > to just run a firewall? You should be able to add other services > along with the firewalled machine and not freak out over security > as bad as long as you set everything up properly. > > Isn't there an old saying, "The program is only as good as the > programmer?" Couldn't that be applied in this case too? > > Personally I run a small local network that has access to the > Internet via one of my Linux machines. This machine also > has a web server, file server, and a FTP server on it too. > > I don't have to worry about security with any of these services > running on the firewall machine because I set each up the way > I needed them to be so that only the correct people get access. > Granted this takes longer then just unpacking and installing the > source of each, but it is well worth it and helps consolidate > the expense of one machine per service. > > Personally I think that putting all your faith about these other > services in one simple firewall is crazy, but that is only me. > > Just a humbled opinion... > > Ken > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
