1 |
On Thu, 2007-12-13 at 13:09 -0600, Dan Farrell wrote: |
2 |
> On Sat, 8 Dec 2007 13:41:06 -0500 |
3 |
|
4 |
> |
5 |
> I don't run iptables on my laptops. Instead, I choose to run only a |
6 |
> few secure services and then proceed to not worry about it. |
7 |
> |
8 |
hmmm - another target. |
9 |
|
10 |
Firewalls can be viewed as a waste of time on a perfect system - but |
11 |
what system is ever perfect? |
12 |
|
13 |
Can you guarantee that no services that are untrustworthy will EVER run |
14 |
on the machine - think accidental installs? A couple of years back we |
15 |
(local lug) had an incidence of a windows virus listening on a network |
16 |
port of a linux machine - apparently something to do with running an |
17 |
infected application under wine. Its what you dont know that will bite |
18 |
you. |
19 |
|
20 |
Can you guarantee that there is never a bug in your software that might |
21 |
leave you exposed? |
22 |
|
23 |
Can you guarantee that you have have NEVER mis-configured a service or |
24 |
application? |
25 |
|
26 |
Thought not ... |
27 |
|
28 |
Think layered defences |
29 |
BillK |
30 |
|
31 |
|
32 |
-- |
33 |
gentoo-user@g.o mailing list |