keep in mind that absolute minimums are necessary. I have heard of people
who connect several networks to the Internet without firewalls. But to
answer the original question, YES, a firewall is a false sense of security.
If, for example, your firewall blocks everything but ftp to a single
machine, then that ftp could still be hacked.
telnet is also another good example. If you let people telnet into your
network though the firewall, then now they are inside of the firewall and
all commands they issue are also inside of this firewall. I work with a
mixed NT / 95 network (military at that) at work and we have a firewall.
But when I need a file I just log into their telnet session and their Linux
machine then I ftp that file to the real world. So much for that firewall.
In a nutshell, the firewall is an extension to the normal security. I am
not saying to not run a firewall, but by all means make sure the rest of the
network is stable and secure before doing so. Then after the network is as
secure as possible then set up that firewall.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Bill Kocik
Sent: Monday, October 05, 1998 6:36 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: FireWall
> Is there any great advantage to an ISP in running a firewall or is it just
> false security?
> Can they keep a system safe or just add problems or hassels to users and
> staff.
Do not...I repeat, DO NOT connect a network to the Internet without
a firewall. This includes ISP's and web servers. A firewall is like
the absolute minimum first line of defense. Don't leave home without
one.
---
Bill Kocik
Information Systems
Medar, Inc.
E-mail: [EMAIL PROTECTED]
Web: http://www.medar.com
