Home page logo

basics logo Security Basics mailing list archives

Re: Personal Firewall for Business use
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 31 Oct 2003 11:32:36 +0100

On 2003-10-31 Kent James wrote:

And I still fail to see why one would want to use a PF on a server.

I can give you a personal example, maybe trivial but real. Most of the
time I live outside of the US, but my family network in the USA runs,
unattended, on Windows 2000 server with a full-time modem connection
to an ISP. An old version of Tiny Personal Firewall runs on that
server, and successfully protected it from the MS Blaster worm that
hit while I was out of the country.

Why not use a packet-filtering NAT box instead? You are right, that
host-based packet-filtering makes sense in some cases, but even in the
case you described I (personally) would prefer to have the packet filter
on a separate box.

I don't use any of the personal firewall features such as application
checking, just simple blocking of incoming connections that I have
configured directly. So maybe you are correct that there is no reason
to run a "personal firewall" on a server, but this particular
"personal firewall product" had some value to me on a server, mainly
because it was free and available.

I was mainly objecting to the assumption that software is able to block
outgoing connection attempts of trojan horses.

The other nice thing about running TPF is that it has a screen that shows
all of the IP connections, and the traffic on them.

netstat exists.

Ansgar Wiechers

The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]