These days, I wouldn't think of connecting to the internet without some type of firewall. Are you asking what a firewall is supposed to do? It basically allows or denies specific types of internet or LAN traffic between the untrusted side of the firewall (usually a DMZ or the Internet) and the "trusted" side of the firewall (usually the LAN, sometimes DMZ).

Does one need graphs to see a firewall's effectiveness? Not really. I see proof of my firewall's operation in a number of ways:

1. Services I do not want to let the world see (Windows file sharing, Telnet, general local LAN traffic) are not routed to the internet and are blocked at the firewall.

2. I only want specific services "published" to the internet (incoming SMTP, incoming HTTP, incoming Secure Shell). Other access initiated by the outside world is denied.

3. I want to restrict the activities of using the internet with respect to the local network. For example, the firewall can block outgoing Napster/Gnutella/peer-to-peer file sharing (note that p2p over HTTP cannot be blocked).

4. I want to log the kind of traffic occurring between my LAN and the internet. Not necessarily for reason 3, but to say "most internet traffic on our LAN is web surfing related" or "most traffic is email (SMTP) related".

A firewall is decent by itself, but its real power comes into play when intrusion detection software is installed. My network at home is constantly barraged by Code Red type viruses. For me, since I use Apache as a web server on *NIX, those requests are implicitly dropped (no cmd.exe on my system). An IDS can note these occurrences, as well as port scans and direct DOS attacks. I can call up a report of how many times I was attacked, by which method, from which host, etc.

Selling point or not, I would not connect a computer "naked" to the internet per the above. I have outlined a general network above, but this also applies to the AS/400.

Today, you want as many layers of protection between you and the internet as possible. They won't be 100% effective, in light of finding bugs in published services, setup error, operations error, or outright sabotage, but it greatly reduces the risk.

Or did I miss the point entirely? :)

Loyd

-----Original Message-----
From: Booth Martin [mailto:Booth@MartinVT.com]
Sent: Thursday, April 11, 2002 10:01 AM
To: midrange-l@midrange.com
Subject: RE: Firewall in AS400

I understand the politically correct position of needing a firewall.

The implication of the "firewall" name is that a needed and effective additional level of security is somehow provided by installing a firewall with a wonderful set of graphs that portray horrendous scenarios of a worldwide conspiracy. Is that true?

The answer is of course "Yes, dummy, it's absolutely essential." But what does it really do? Does it amount to anything useful from a security perspective? I am completely aware of the political discussions and the sales person's sales pitch. I'd like some facts though.

---------------------------------------------------------
Booth Martin
http://www.MartinVT.com
Booth@MartinVT.com
---------------------------------------------------------
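The kind of report described in the reply above (how many probes, by which method, from which host) can be sketched over a web server access log. This is an added example, not part of the original messages: the log lines are constructed, the addresses are documentation ranges, and the signature labels and the /default.ida pattern for Code Red are assumptions not taken from the thread.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed Apache common-log-format lines (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [11/Apr/2002:09:14:02 -0500] "GET /default.ida?NNNNNNNN HTTP/1.0" 404 283
198.51.100.7 - - [11/Apr/2002:09:15:40 -0500] "GET /scripts/cmd.exe HTTP/1.0" 404 291
203.0.113.5 - - [11/Apr/2002:09:20:11 -0500] "GET /index.html HTTP/1.1" 200 5120
192.0.2.10 - - [11/Apr/2002:09:31:55 -0500] "GET /default.ida?XXXXXXXX HTTP/1.0" 404 283
192.0.2.44 - - [11/Apr/2002:09:40:03 -0500] "GET /scripts/CMD.EXE HTTP/1.0" 404 291
malformed entry
"""

# host, request verb, path, status; ident/user, timestamp and size are ignored.
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) \S+$')

# Hypothetical labels; patterns target IIS-only paths that have no
# legitimate reason to be requested from an Apache server on *NIX.
SIGNATURES = [
    ("iis-ida-probe", re.compile(r"/default\.ida", re.I)),
    ("cmd.exe-probe", re.compile(r"cmd\.exe", re.I)),
]

def classify(path):
    """Return the label of the first matching signature, or None."""
    decoded = unquote(path)  # normalise percent-encoding before matching
    for label, pattern in SIGNATURES:
        if pattern.search(decoded):
            return label
    return None

def attack_report(log_text):
    """Tally probes by method and by source host; count unparseable lines."""
    by_method, by_host, skipped = Counter(), Counter(), 0
    for line in log_text.splitlines():
        m = CLF.match(line.strip())
        if not m:
            skipped += 1  # keep a count so parser gaps are visible
            continue
        host, _verb, path, _status = m.groups()
        label = classify(path)
        if label:
            by_method[label] += 1
            by_host[host] += 1
    return by_method, by_host, skipped

if __name__ == "__main__":
    methods, hosts, skipped = attack_report(SAMPLE_LOG)
    print(methods.most_common(), hosts.most_common(), skipped)
```
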
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited.