On Thu, Mar 08, 2001 at 01:43:37PM -0500, Jerry Winegarden wrote:
> If you are just a single machine, there isn't much to be gained by running
> ipchains. I suppose that you could install a second ethernet card in your
> one machine and then you could be your own firewall. A lot of extra
> effort, but why?
I don't quite understand your statement. If the machine is exposed
somewhere to the point you're telling them to run tcpwrappers, then the
firewall is just as appropriate. And it's quite easy to set up--there
are both web sites that will configure an ipchains or iptables script
for you to get started , or you can download a local utility.
The security from the firewall is integral to the kernel; tcpwrappers is
an "addon".
> If I had more than one box on a LAN and if I had traffic (such as smb)
> that I wanted to protect, the firewall is helpful.
If you need to be protected, I don't see the distinction. "Dirty is as
dirty does".
> Except for security patch updates, properly configured tcpd is the single
> most important thing to do for security. ipchains/iptables may be in
> order in many cases, but certainly not the VERY FIRST THING! :-)
I think this is one of those issues on which we just have to agree
to disagree.
Cheers,
--
Dave Ihnat
[EMAIL PROTECTED]
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
