[Dshield] "Personal Firewalls" are mostly snake-oil

Erik J. Varney erik at centralsecurity.net
Mon Jul 22 18:23:48 GMT 2002


I have to agree w/ David.  There will always be advantages and disadvantages
to every and any subject brought up for discussion.  Remember to always be
aware of the risks and firewalls are not the end all be all!  LAYER, LAYER!

<snip>
As opposed to that clean, straightforward, uncomplicated model used by the
Baskin-Robbins 33 flavors of Linux?  From my chair, this is a MUCH larger
issue than what O/S is running. Life is hard. Maintaining security on ANY
system that's connected to the net, open source or otherwise, is tedious,
time-consuming and RISKY. I anticipate some will argue that running certain
O/S's requires by nature a greater level of expertise. I would ask those
individuals to examine how they GOT that expertise. It's not like there's a
background process running that pops up after the nth iteration of IPChains
config and tells the user "You're now smart enough to connect to the
Internet". My point: Arrogance and self-delusion are not strictly limited to
Micro$oft users. The scope is significantly larger. I submit it's time for
the camps to declare the "mine's better" argument resolved.






More information about the list mailing list