Re: NT 4 server firewall?
From: Don Kelloway (dkelloway_at_commodon.com)
Date: Fri, 21 Jan 2005 08:08:23 GMT
"Lars M. Hansen" <firstname.lastname@example.org> wrote in message
> On Wed, 19 Jan 2005 20:52:49 -0600, zn spoketh
>>Lars M. Hansen <email@example.com> wrote in
>>> On Wed, 19 Jan 2005 21:49:09 GMT, Alinator spoketh
>>>>on. Don't seem to have much trouble with it.
>>> But does it actually protect something?
>>Are you people dense? How can having an installed software firewall not
>>provide another layor of protection beyond network hardware-based
> Because software firewalls "protect" computers by closing ports. Since
> the thing you seek to protect needs to have the vulnerable ports open,
> the firewall adds no protection to these ports at all, thus leaving the
> system as vulnerable as it was before the firewall was added.
Here's something to ponder...
Take the existing NT4 system which has a single NIC, add an MS Loopback
Adapter and assign it an IP address within the same subnet as the existing
NIC, install/configure the installed application(s) to bind/use the IP
address associated with the Loopback Adapter, install a software based SMLI
firewall solution, configure the firewall to allow only the protocols/ports
for what is required inbound to the Loopback Adapter (AKA the firewall's
protected side) and voila! You've now got yourself an extremely secure NT4
system with protection from external threats.
-- Best regards, from Don Kelloway of Commodon Communications Visit http://www.commodon.com to learn about the "Threats to Your Security on the Internet".