[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Is a firewall necessary with a RaQ?

Subject: RE: [cobalt-users] Is a firewall necessary with a RaQ?
From: "Todd Kirk" <tkirk@xxxxxxxxxxxxxx>
Date: Tue Nov 13 23:21:27 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>> Probably good to close the ports but a firewall does give you 
>> much greater 
>> protection.
 
> Example: Suppose you notice someone poking around your 
> sensitive ports.. go 
> to the firewall rules and block that specific IP from your 
> box in two simple 
> steps.
> 
> Firewalling allows far greater protection than simply turning 
> off ports.

Our 'out-of-the-box' RAQ4R temporarily blocks an IP address when they
'poke' around..like when you get port scanned the IP gets suspended for
about 60 seconds.

I guess the real difference with something like port sentry and IP
chains is that a permanent rule gets automatically created to block that
IP, as you mention above.

A useability thought here - if someone is on a dynamic IP address the
next time they logon (given a fresh IP address) then the firewall would
cease block the correct person...further an innocent person who may have
been assigned the original 'now blocked' dynamic IP could not see your
server and therefore any of or websites!

Is my logic correct here??

 
regards,
 
Todd Kirk

Follow-Ups:
- Re: [cobalt-users] Is a firewall necessary with a RaQ?
  - From: Gerald Waugh
- Re: [cobalt-users] Is a firewall necessary with a RaQ?
  - From: Steve Werby

References:
- RE: [cobalt-users] Is a firewall necessary with a RaQ?
  - From: Wayne Sagar

Prev by Date: Re: [cobalt-users] PHP upgrade on raq3??:wq
Next by Date: Re: [cobalt-users] suid perl - 2 month old hazard
Previous by thread: RE: [cobalt-users] Is a firewall necessary with a RaQ?
Next by thread: Re: [cobalt-users] Is a firewall necessary with a RaQ?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index