Re: [fw-wiz] X server in a Firewall
- From: Peter Bruderer <brudy@xxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 25 Jan 2006 08:51:12 +0100
On Tue, 2006-01-24 at 19:57 -0800, John M wrote:
>
> But what do you think about a _local_ GUI
> administration (via X window) in a firewall?
>
> My question was: what is better (or worse), taking in
> account the GUI requeriment: a local X window server
> running in the firewall, to be managed localy(that is,
> no remote access) or a web server, ssh based system
> or another port based in a proprietary protocol, to be
> managed remotely?
>
> Or rephrasing the question: which is riskier?
Software has bugs.
Having X Windows running on a firewall opens a big risk of local
exploits. What's not installed can not be hacked and does not need to be
maintained.
If you cannot manage the firewall without the local GUI, maybe you
should get another product.
There are enough good products, which do not need a local GUI to
administrate the firewall and do not run on a simple not even hardened
version of Linux or FreeBSD.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- Re: [fw-wiz] X server in a Firewall
- From: John M
- Re: [fw-wiz] X server in a Firewall
- Prev by Date: Re: [fw-wiz] X server in a Firewall
- Next by Date: Re: [fw-wiz] RE: IDS (was: FW appliance comparison)
- Previous by thread: Re: [fw-wiz] X server in a Firewall
- Next by thread: Re: [fw-wiz] X server in a Firewall
- Index(es):
Relevant Pages
|
|
