[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security: FreeBSD vs OpenBSD
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Security: FreeBSD vs OpenBSD
- From: Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de>
- Date: Mon, 4 Feb 2002 20:20:04 +0100
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
On Mon, Feb 04, 2002 at 01:57:11PM -0500, Brandin L Claar wrote:
> On Mon, Feb 04, 2002 at 04:31:53PM -0200, Luiz Gustavo wrote:
> > Have every machine in your network running IPF or PF looks a bit
> > wacky to me, thats why everyone have some real configured fws
> > around.
> There are good
> reasons for running a monolithic firewall, though. It is a great way to
> obtain some control of a network running Windows or where you don't have
> administrative access to all of the systems.
This is exatcly the point.
I don't have control over all machines here. there are customer machines I
don't have access at all to.
The lesson many many many people have to learn is simple: a firewall is only
part of the puzzle. it does not relax the requirement for host secirity. a
central firewall PLUS secured hosts is IMHO the way to go.
Unix is very simple, but it takes a genius to understand the simplicity.
Visit your host, monkey.org