Changeset 1ea79a1 for postlfs/security/firewalling/intro.xml
- Timestamp:
- 05/30/2004 05:30:47 AM (20 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, v5_1, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 1dad4a4
- Parents:
- 4ea49a31
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/firewalling/intro.xml
r4ea49a31 r1ea79a1 5 5 against malicious access by using a single machine as a firewall. 6 6 This does imply that the firewall is to be considered a single point 7 of failure, but it can make the administrator s life a lot easier.</para>7 of failure, but it can make the administrator's life a lot easier.</para> 8 8 9 9 <para>In a perfect world where you knew that every daemon or service … … 11 11 buffer-overflows and any other imaginable problem regarding its 12 12 security, and where you trusted every user accessing your services 13 to aim no harm, you wouldn't need to dohave a firewall!13 to aim no harm, you wouldn't need to have a firewall! 14 14 In the real world however, daemons may be misconfigured, 15 15 exploits against essential services are freely available, you … … 21 21 22 22 <para>Don't assume however, that having a firewall makes careful 23 configuration redundant, nor that it makes any negligent24 misconfiguration harmless , nor that it preventsanyone from exploiting a23 configuration redundant, or that it makes any negligent 24 misconfiguration harmless. It also doesn't prevent anyone from exploiting a 25 25 service you intentionally offer but haven't recently updated or patched 26 26 after an exploit went public. Despite having a firewall, you need to … … 40 40 companies such as Symantec, of which they claim or pretend that it 41 41 secures a home or desktop-pc with Internet access. This topic is 42 highly relevant for users who do not know the ways their computers43 might be accessed via the Internet and how to disable these,44 especially if they are always online and if they areconnected via42 highly relevant for users who do not know the methods their computers 43 might be accessed via the Internet or how to disable them, 44 especially if they are always online and connected via 45 45 broadband links.</para></sect3> 46 46 … … 59 59 performing masquerading or routing functions, but offering a bunch of 60 60 services, e.g., web-cache, mail, etc. This may be very commonly used 61 for home networks, but can definitely not tobe considered as secure61 for home networks, but can definitely not be considered as secure 62 62 anymore because the combining of server and router on one machine raises 63 63 the complexity of the setup.</para></sect3>
Note:
See TracChangeset
for help on using the changeset viewer.