Mike McClain wrote in Article <[EMAIL PROTECTED]> posted to gmane.linux.debian.user:
> I saw this on usenet and wonder about the validity of this statement. > > 'Seriously any system is as secure as the services you export, if you > have nothing listening that can do you harm you are secure...' > > Disregarding email exploits and exploits through your browser is this > true? Assume the hardware is inviolate. Generally speaking, yes, this is true. Though security isn't a one-stop ordeal or something that you can install and make work. It's a continuing process. You never want to be running or even have installed anything that doesn't have any practical use on your system. This is doubly true for network enabled software, especially if it binds to a port and listens. "But I can just install a personal firewall and be safe, right?" I wouldn't trust any user-facing machine to be a firewall, regardless of what the software (usually snake oil[1]) says. Use seperate hardware for your firewall, even if it's just an old Linksys router that's had it's firmware replaced with DD-WRT[2]. [1] http://samspade.org/d/firewalls.html [2] http://en.wikipedia.org/wiki/DD-WRT -- Paul Johnson Email and IM (XMPP & Google Talk): [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
