Port blocking last resort in fight against virus

• Previous message (by thread): Port blocking last resort in fight against virus
• Next message (by thread): Port blocking last resort in fight against virus
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--On Wednesday, August 13, 2003 11:00:56 +0300 Petri Helenius
<pete at he.iki.fi> wrote:

>>> I think filters/firewalls are useful.  I believe every computer should
>>> have one.  

> Firewalls are a patch to broken network application architechture. If
> your applications would have been properly designed, you would not have
> the need for firewalls. They are for perimeter defence only anyway.

The important wording here is "every computer should have one"; indicating
that it is the host that protects itself. This said, I do agree that
properly written operating systems not even need this. One free Unix-clone
I happen to run manages to reach this level of properness; so it is
definitely possible. 

-- 
Måns Nilsson            Systems Specialist
+46 70 681 7204         KTHNOC  MN1334-RIPE

We're sysadmins. To us, data is a protocol-overhead.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20030813/d5c769f7/attachment.sig>

• Previous message (by thread): Port blocking last resort in fight against virus
• Next message (by thread): Port blocking last resort in fight against virus
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]