Mailinglist Archive: opensuse-security (192 mails)

< Previous Next >
Re: [suse-security] Firewall + server on one machine?
  • From: Eilert Brinkmann <eilert@xxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: 24 May 2000 14:35:01 +0200
  • Message-id: <xttr9asdt3e.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Ragnar Beer <rbeer@xxxxxxxxxxxxxxxxx> wrote:
> To secure my machine as good as possible from the outside world I
> have closed all the ports that I don't need. So the only ports left
> open are ssh, http and https. Above that - does it make any sense to
> install a firewall on the _same_ machine (I can't afford another one
> at the moment)?

With the configuration you describe a firewall will probably not give
you much more protection against incoming connections. However, you
have some more options with a firewall, e.g.,

- additional logging (e.g., to detect attempts to access disabled
services on your machine),

- blocking outgoing connections (e.g., to prevent programs on your
machine from making unwanted transmissions),

- blocking ICMP trafic.

If such points (there may be some more) are of interest for you, it
could make sense to install a firewall.

Eilert
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Eilert Brinkmann -- Universitaet Bremen -- FB 3, Informatik
eilert@xxxxxxxxxxxxxxxxxxxxxxxx - eilert@xxxxxxx - eilert@xxxxxxxxxxxxxx
http://www.informatik.uni-bremen.de/~eilert/

< Previous Next >
References