Supote Leelasupphakorn wrote:
So far, I known firewall is a choice when I want
to protect my boxes from crackers but my question is
if I closed the service I don't use (such as port 25
for STMP) so the cracker out there can't attack,
what's the reason "firewall" come to play ?
First off, you don't have to use a firewall. It's your
machine, do whatever you want.
Hypothetical example: Some jerk suddenly starts DoSing
your server (like SQL slammer, or anything similar) if
you already have a firewall setup, you can quickly and
easily add a rule to block the attacked port and reduce
Example #2: Employees are playing Internet games while
they should be working. You can quickly add a rule to
prevent the game traffic from working. You can even
do like I did for a client and add a cron job that allows
them to play games during lunch only.
Example #3: You want to keep an individual employee from
hogging all the network bandwidth. Set up dummynet rules
to keep things flowing.
Even if you have no _need_ for a firewall, it can be
useful. If you can't think of anything to block, I'd
just set it up with the "open" ruleset for now. If the
time comes when you need to add a rule you can do so in
just a minute or so, as opposed to configuring the whole
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"