Re: Firewall and email/file servers on same machine?

From: James Knott (
Date: 01/15/05

  • Next message: "NOQUEUE: POSSIBLE ATTACK from remotehost: newline in string "some_random_string\r ""
    Date: Sat, 15 Jan 2005 08:12:28 -0500

    markp wrote:

    > Is it better from a security point of view to have physically separate
    > machines for the firewall and servers, or can these be in the same
    > physical machine without compromising security? I've heard that physically
    > separating them is good practice, but is there a genuine security reason
    > or is this just a maintenance issue?

    Firewalls should not be running anything not related to the firewall
    funtion. The more you install or run, the greater the possibility of a
    security risk. Ideally, you'd even forward vpn and ssh access to another
    box, rather than allow it on the firewall.

  • Next message: "NOQUEUE: POSSIBLE ATTACK from remotehost: newline in string "some_random_string\r ""

    Relevant Pages

    • [REVS] Bypassing Client Application Protection Techniques
      ... Get your security news from a reliable source. ... protection programs. ... * Kerio Personal Firewall 4.0 ... And we got actually nothing in the field of client application ...
    • Re: Recycler security issues on IIS server
      ... > latest upates to the server. ... > like to see the server put behind our firewall, ... other software, install all patches, IISlockdown, URLscan, use the correct ... the procedures you follow may vary depending on your security needs. ...
    • Re:RE : suggestions on a good firewall
      ... Subject: RE: suggestions on a good firewall ... CheckPoint does! ... with a url-filtering server. ... IT Technical Security Officer ...
    • Why hasnt Symantec addressed nastier Messenger spoofs
      ... Norton / Symantec has been silent on whether Norton Internet Security ... DSL firewall will stop these kinds of pop-ups. ... major ISPs and broadband systems. ...
    • Re: Service pack 2 (XP)
      ... I have a 'theory' that SP2 has a LOT to do with firewall and new browser ... besides those security features. ... The operative word is SPYWARE. ...