> -----Original Message----- > From: shrike-list-admin@xxxxxxxxxx > [mailto:shrike-list-admin@xxxxxxxxxx] On Behalf Of Rodolfo J. Paiz > Sent: Tuesday, October 07, 2003 1:46 PM > To: shrike-list@xxxxxxxxxx > Subject: RE: Which Firewall solutions > > > At 20:22 10/6/2003, you wrote: snip > > If one of your servers is cracked through a vulnerability in > Apache or > Sendmail, then your internal machines are still safe and > protected by the > firewall. The reason this is less secure than Scenario #1 > above is that you > only have one firewall, with free access to all networks; and > if someone > cracks the firewall, they can see and access every machine. > This is OK for > smaller networks (like homes or tiny offices), since a Linux > box which is > really only JUST A FIREWALL and does nothing else is overall > pretty secure > and a low risk. > > IF the network computers are running Windows NT Platform (NT, 2000, XP, or future releases) or Linux boxes, then the internal firewalls on each computer can be activated and provide an additional firewall on the LAN computers. Same is true for the Internet boxes. Close all ports but 80 or whatever is appropriate. Just my 2c worth Buck > -- > Rodolfo J. Paiz > rpaiz@xxxxxxxxxxxxxx > > > -- > Shrike-list mailing list > Shrike-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/shrike> -list > > > -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
