On 29/11/02 11:33 -0700, Glenn Valenta wrote: > Also, some people feel that a firewall is unnecessary if you don't run any > services that are vulnerable to attack. The problem with this philosophy is > when someone eventually breaks one of those services. A firewall is a useful tool as part of a security infrastructure. The problem is, no non-application layer firewall will work to protect a vulnerable system from attacks. The only true defense is to run secure code and stay patched, and alert. Read the logs. A packet filter can reduce a lot of noise, but really doesn't add much security unless you are running a DMZ and an internal network which should not have any access to/from the Internet.
Devdas Bhagat
