Date:      Tue, 24 Jun 2003 10:51:22 -0400
From:      Bill Moran <wmoran@potentialtech.com>
To:        Supote Leelasupphakorn <pjn0211@yahoo.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Why must I use firewall ?
Message-ID:  <3EF8656A.4060702@potentialtech.com>
In-Reply-To: <20030624110547.12094.qmail@web40614.mail.yahoo.com>
References:  <20030624110547.12094.qmail@web40614.mail.yahoo.com>

Supote Leelasupphakorn wrote:
> Hi, all
> 
>    So far, I know a firewall is a choice when I want 
> to protect my boxes from crackers but my question is
> if I closed the service I don't use (such as port 25
> for SMTP) so the cracker out there can't attack,
> what's the reason "firewall" comes into play?

First off, you don't have to use a firewall.  It's your
machine, do whatever you want.

Hypothetical example:  Some jerk suddenly starts DoSing
your server (like SQL slammer, or anything similar).  If
you already have a firewall set up, you can quickly and
easily add a rule to block the attacked port and reduce
the damage.

Example #2: Employees are playing Internet games while
they should be working.  You can quickly add a rule to
prevent the game traffic from working.  You can even
do like I did for a client and add a cron job that allows
them to play games during lunch only.

Example #3: You want to keep an individual employee from
hogging all the network bandwidth.  Set up dummynet rules
to keep things flowing.

Even if you have no _need_ for a firewall, it can be
useful.  If you can't think of anything to block, I'd
just set it up with the "open" ruleset for now.  If the
time comes when you need to add a rule you can do so in
just a minute or so, as opposed to configuring the whole
firewall.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
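
The three cases in the message above, sketched as ipfw commands. This is an added example, not part of the original message; the rule numbers, game port, host address, bandwidth limit and script path are constructed assumptions.

```sh
#!/bin/sh
# Dry run by default: prints the ipfw commands instead of executing them.
# Set IPFW=/sbin/ipfw (as root) to apply them for real.
IPFW="${IPFW:-echo ipfw}"

# Constructed values (assumptions, not from the original message).
GAME_PORT="${GAME_PORT:-27015}"        # placeholder game port
HOG_HOST="${HOG_HOST:-192.168.1.50}"   # placeholder LAN host
HOG_LIMIT="${HOG_LIMIT:-512Kbit/s}"    # placeholder bandwidth cap

# ipfw is first-match, so these rule numbers (500-700) must sort
# before the ruleset's allow-all rule to have any effect.

# Example 1: drop traffic to a port under attack
# (SQL Slammer targeted UDP port 1434).
block_port() {   # usage: block_port <proto> <port>
    $IPFW add 500 deny "$1" from any to any "$2"
}

# Example 2: rule 600 blocks the game port; cron deletes it over lunch.
games_deny()  { $IPFW add 600 deny tcp from any to any "$GAME_PORT"; }
games_allow() { $IPFW delete 600; }

# Example 3: send one host's traffic through a rate-limited dummynet
# pipe (requires dummynet support in the kernel).
limit_host() {
    $IPFW pipe 1 config bw "$HOG_LIMIT"
    $IPFW add 700 pipe 1 ip from "$HOG_HOST" to any
}

# /etc/crontab entries for the lunch window (script path is hypothetical):
#   0 12 * * 1-5 root /usr/local/sbin/fwctl.sh games-allow
#   0 13 * * 1-5 root /usr/local/sbin/fwctl.sh games-deny
case "${1:-}" in
    block)       block_port "$2" "$3" ;;
    games-deny)  games_deny ;;
    games-allow) games_allow ;;
    limit)       limit_host ;;
esac
```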
