Linux Today: Linux News On Internet Time.

Security Portal: Firewalls - It's Time to Evolve or Die

Feb 13, 2001, 06:55 (1 Talkback[s])
(Other stories by Kurt Seifried)

"Much may be said for the utility of network protection with firewalls, but too often we forget about the vulnerable, pink, hairless underbelly of the firewall. In this series of articles I will expose the weaknesses that are often ignored. A disclaimer, however: Even though there are many problems with firewalls and they are far from perfect, you are better off leaving them in. Firewalls are better than nothing most of the time. They provide the only major line of defense for many networks (more on this particular issue later), so please do not remove your firewall unless you have given this some serious thought."

"I hope I am being clear enough. If you still think I am advocating the removal of firewalls, stop reading now and please do not email me."

"There was a time (believe it or not) when firewalls were a pretty new concept, and many people thought that only the government, military and other paranoid organizations would ever use them. Then the Internet expanded at a furious rate and all sorts of people become connected, many of whom have hostile intentions. Add to this the sheer number of network services on most networks now (file and print sharing, user authentication, interactive services, email, Web), and there are plenty of services to be exploited and abused. Two primary types of firewall are currently in use: network and application. Firewalls are good at many things, and also very poor at others."

Complete Story

Related Stories: