Hack attempts

David Keen zen46443 at zen.co.uk
Sun Jul 25 09:46:13 UTC 2004


On Sun, 2004-07-25 at 08:32, Nifty Hat Mitch wrote:
> On Sat, Jul 24, 2004 at 03:19:18PM -0400, Scot L. Harris wrote:
> > On Sat, 2004-07-24 at 14:30, Jason Costomiris wrote:
> > > On Jul 24, 2004, at 10:08 AM, Jorge Fábregas wrote:
> > > 
> > > > Just like Scot says..you should buy a hardware router ..most of them 
> > > > have
> > > > firewall capabilities built-in.
> > > 
> > > 
> > > People somehow think that because they don't have to load an operating 
> > > system onto a device that it's not just a computer running software.
> > > 
> > > Newsflash: your so-called "hardware router" is nothing more than a 
> > > small-scale CPU, memory, some network interfaces and some sort of 
> > > embedded OS....
> ....
> > Very true.  But such a hardware router is a dedicated appliance with few
> > options and no other task than to provide some protection.  
> 
> One advantage of an inexpensive firewall is safety in the period of
> time when you are setting up a box and have not yet updated all the
> patches and configured the system.
> 
> One disadvantage is that it is one more thing to learn to configure.
> 

It is never bad to have another level of defence between your PC and an
untrusted network, but I ended up switching off the firewall in my
Linksys router because it was dropping ICMP do-not-fragment packets. 
This meant path MTU discovery was not working so Postfix was timing out
after DATA on large emails.

Of course, if you don't run your own mail server this isn't a problem.





More information about the fedora-list mailing list