Firewalls and Security, Are They Important to YOUR Company? | Linux Today

Firewalls and Security, Are They Important to YOUR Company?

Written By
Web Webster
Web Webster
Oct 22, 2000

[ The opinions expressed by authors on Linux Today are their
own. They speak only for themselves and not for Linux Today or
internet.com. ]

By Kelvin Koh

“We have a $100,000 firewall that can deny all crackers.” Yeah
right. Does it sound familiar to you? Probably.

Businesses of all sorts, from book retailers to banks are
rushing to get on the Internet. Many companies have spent huge sums
of dollars to put up pretty pages, marketing campaigns. However,
there is little effort invested in protecting their new age gems. I
have encountered several companies with big web businesses who
failed to install a single firewall in their premises. After
several days and weeks or persuasion, some heeded my advice to
install firewalls, while some remained complacent about their
‘armoured servers from ABC vendor’.

All security implementations are about striking an appropriate
balance between usability and security. Increased security means
decreased usability. For those who are somewhat protected by a
well-configured firewall, good for you. But it may not be enough.
I’ll show you 3 scenarios where firewalls are not very helpful.

Web Applications

A company places a web application server behind a
packet-filtering firewall, with rules literally denying all packets
except those with a match of remote port 80. While web traffic can
pass through, the network firewall is unable to determine whether
the source packets are from a cracker’s box, thus application
security comes into picture. Web programs written without
undergoing proper security audit, such as CGI forms on a UNIX host
which accepts backticks (“) for processing in situations where
only numbers are needed, are quite likely to be vulnerable to CGI
abuse.

Internal Security

According to an unnamed source, there is a higher probability of
security breaches originating from within the company than from an
external force. Corporate executives often store sensitive data in
their office computers without proper encryption. Emails too,
remain plain text in their email clients. A jealous or abusive
colleague with 24×7 access to the office premises may return at odd
hours to peep into another staff’s computer. Should the company
have enforced a more sophisicated physical access list based on
time and staffs’ position, such cracking attempt can be prevented.
Users who wish to protect sensitive information should turn to
GnuPG, an opensource
alternative to PGP from NAI.

Computer Viruses

In recent months, malicious computer viruses are spreading
rapidly and causing damage to computers all around the world. By
following a computer security bulletin board, you will notice many
of these viruses are placed as attachments in emails clothed with
an innocent outlook. To reduce the risks of transmission through
this popular channel, email gateways should execute virus scanning
to verify the email’s integrity before any user can proceed to
download it. If your MTA cannot accept virus scanning plug-ins,
it’s time to look around.

Firewalls, though unable to ensure 100% security, is highly
important. It serves as the front layer of security. A layered
security approach should be put in use to achieve a higher level of
security.

“Firewalls are not important for old-economoy business…” –
a friend

I beg to differ (no intent of offence to my friend), how do you
define old economy business? Any business which has a
private or public computer network should enforce security
policies, audits, etc, to ensure the integrity of their data. Some
say banks are old economy. It will be disastrous if they
do not have firewalls as part of their information security
enforcement.

Kelvin Koh, 22 Oct 2000.
Comments, thoughts, flames? Email me at kelvin@acks.org.

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.