Security Basics mailing list archives

Re: Reasons for using an external firewall
From: Paul Cardon <paul () moquijo com>
Date: Wed, 20 Nov 2002 09:59:30 -0500

John P wrote:
> However in this setup, how much extra protection can an external firewall
> give? The machines have to have open ports portforwarded through any
> firewall (80/25/etc) and I assume would remain exploitable to buffer
> overflows, bug exploits etc. I could restrict access to the other open
> system ports and services by turning them off, using ipchains/ipfilter and
> hosts.deny etc. DoS situations would be difficult to protect against even
> with an external firewall.
>
> What extra security will an external firewall actually provide? I suppose
> other nice features like VPN, etc, but what else? It's quite a busy site, so
> could ipfilter generate quite a lot of load, which could be shifted onto a
> dedicated firewall?

One benefit of an external firewall is to restrict outbound traffic. Some exploits attempt to make outbound connections, so having the control on a separate device will prevent these portions of the attack from working. If this control is implemented on the server itself, it could be circumvented when the server is compromised.
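
The outbound restriction described in the reply above, as an added example that is not part of the original thread: a default-deny egress policy evaluated the way a separate firewall would apply it to connections the servers initiate. The DMZ range, server addresses, allowlist entries and connection records are all constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Assumed DMZ holding the public web and mail servers (documentation range).
DMZ = ip_network("192.0.2.0/28")

# Egress allowlist enforced on the external firewall:
# (initiating server, protocol, destination port). Default is deny and log.
EGRESS_ALLOW = {
    ("192.0.2.3", "tcp", 25),  # mail server delivering outbound SMTP
    ("192.0.2.3", "udp", 53),  # mail server resolving MX records
}

# Constructed records of NEW connections seen by the firewall: (src, dst, proto, dport).
# Replies to forwarded inbound sessions are matched by state and never appear here.
SAMPLE = [
    ("198.51.100.7", "192.0.2.2", "tcp", 80),    # client to web server
    ("192.0.2.3", "203.0.113.9", "tcp", 25),     # mail server to remote MTA
    ("192.0.2.2", "203.0.113.50", "tcp", 4444),  # web server opening a connection out
    ("192.0.2.2", "203.0.113.50", "tcp", 80),    # web server fetching from outside
]


def egress_verdict(src, dst, proto, dport):
    """Classify one new connection as 'inbound', 'allow' or 'deny'."""
    if ip_address(src) not in DMZ:
        return "inbound"  # handled by the port-forward rules (80/25), not egress policy
    if (src, proto, dport) in EGRESS_ALLOW:
        return "allow"
    return "deny"  # server-initiated traffic with no business reason


def denied_egress(records):
    """Return the records the firewall would drop and should alert on."""
    return [r for r in records if egress_verdict(*r) == "deny"]


if __name__ == "__main__":
    for rec in SAMPLE:
        print(egress_verdict(*rec), rec)
```

Because the policy and its log live on a separate device, each denied record stays visible even if the server that generated it has had its local ipchains/ipfilter rules altered.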