Re: About utility of a firewall with win2000 server
From: Jeff Cochran (jcochran)
Date: 09/03/02
- Next message: Consultant®: "Re: Lost admin password"
- Previous message: Jeff Cochran: "Re: About utility of a firewall with win2000 server"
- In reply to: S. Pidgorny [MVP]: "Re: About utility of a firewall with win2000 server"
- Next in thread: S. Pidgorny [MVP]: "Re: About utility of a firewall with win2000 server"
- Reply: S. Pidgorny [MVP]: "Re: About utility of a firewall with win2000 server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: jcochran at naplesgov dot com (Jeff Cochran) Date: Tue, 03 Sep 2002 17:40:31 GMT
>For a standalone computer, you don't need to use a firewall: just stop all
>unnecessary services, close all ports that shouldn't be available to general
>public (hint: use Terminal Serrvices for remote admin). This type of setup
>is generally refered to as bastion host. Sample is at
>http://people.hp.se/stnor/hpntbast13.pdf
There are a lot of attcaks a bastion host has to withstand, using
server resources, that a firewall would protect against. SYN floods,
DOS attacks and so on can bring a bastion host down where a good
firewall will stand.
Bastion hosts are putting all your eggs in one basket. Once they're
in, they're in.
Jeff
- Next message: Consultant®: "Re: Lost admin password"
- Previous message: Jeff Cochran: "Re: About utility of a firewall with win2000 server"
- In reply to: S. Pidgorny [MVP]: "Re: About utility of a firewall with win2000 server"
- Next in thread: S. Pidgorny [MVP]: "Re: About utility of a firewall with win2000 server"
- Reply: S. Pidgorny [MVP]: "Re: About utility of a firewall with win2000 server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
