On 4/30/2013 5:54 PM, Joachim Schrod wrote:
John Andersen wrote:
On 4/30/2013 9:22 AM, Anton Aylward wrote:
Now when it comes down to single home machines plugged directly into the Big Bad Wild Internet, yes I agree, they need the firewall ON! That was the great problem with the old Windows machines and the source of so many of the problems that persist to this day.
But Linux isn't windows, and if you know and control exactly what services/ports you have open to the wild woolly world there is no need of a firewall. After all a firewall is usually nothing but a sloppy way of controlling what ports you expose.
A closed port is about as secure as it gets.
Obligatory xckd quote: http://xkcd.com/1200/
You miss the tree for the forest, IMNSHO.
Joachim
Yeah, true enough. But a firewall won't help in any of the cases mentioned in the cartoon. Those "services" all use outbound connections. And if you egress filter their common ports they step to others. A firewall won't protect you from something already running on your machine. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org