I don't need no stinking firewall!

Bill Stewart nonobvious at gmail.com
Thu Jan 14 18:26:32 UTC 2010


On Wed, Jan 13, 2010 at 9:37 PM, Warren Kumari <warren at kumari.net> wrote:
> I can now place a checkbox in the "Is there a firewall?" column of the
> <insert random acronym here> audit.

In most cases, you can check the same box if you use an appropriately
designed stateless firewall
instead of an inappropriate stateful firewall.    (Not always, of course.)
And it will keep out some fraction of noise and anklebiters, and
optionally give you a place to hang limited intrusion detection,
without providing an easy path for attackers to crash your connection.



-- 
----
             Thanks;     Bill

Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.




More information about the NANOG mailing list