Re: Question About Firewalls and Hacking

From: Fidelio (bart.simpson_at_springfield.com)
Date: 08/13/04


Date: Fri, 13 Aug 2004 10:00:58 +0200

Linux software firewall in a dual ethernet PC and in each PC anti-spyware
software and anti-virus software. This is a solution that could be freeware.

The only problem you will have is day-0 viruses and trojans... then you need
money. I could suggest the instalation at the PCs of host-IDS solution. I'm
sorry but I consider network-IDS systems a complete waste if money.

(I could explain deeply why host-IDS is a good idea and network-IDS is not).

Another recomendation is to use URL filtering systems installed over SQUID
in the Linux firewall to avoid your users to enter in sex/hacking/cracking
web pages.

Regards,
Fidelio

> We want to click anywhere we like and not get infected evne if we know
> this is a trojan. See? Stateful Packet Inspection against any kinf of
> malware would be very safe even if the user deliberately open a infected
> link or attachement.
>
> We must find a way to do this without paying $4500 for hardware firewall
> appliance! :-)
>