On Tue, Nov 04, 2003 at 09:43:46AM -0600, Jeffrey Smelser wrote: > [snip] > Thats because the theory goes, if something happens to one of your partitions, your > not having to fix the entire drive.. Also, you can then mark usr as read only, and > eliminate many of the root kits. > > But then, I hear many times your firewall computer shouldn't run any services.. Yet > I still have not gotten and answer on how forwarding a port to another machine > alleviates getting hacked.. >
I'm not a security guru, but I think the point is to make sure the *firewall* isn't hacked. An uncompromized firewall may limit what an attacker who's compromized a server behind that firewall can do. But a server visible to the outside world is probably not any safer from outside attack whether it's behind a firewall or not. But as I said, I'm not a security guru. If I'm wrong, I'm sure someone will point it out. - PK > -- > [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list
