Real dumb question

Real dumb question

Post by herb » Thu, 13 Jul 2000 04:00:00



I have heard of a firewall set up called PMFIREWALL. My question is ,
Wouldn't you need to run such
a firewall on a separate computer to be secure?
 
 
 

Real dumb question

Post by elle.. » Fri, 14 Jul 2000 04:00:00



> I have heard of a firewall set up called PMFIREWALL. My question is ,
> Wouldn't you need to run such
> a firewall on a separate computer to be secure?

The answer is a definite maybe! ;)

As a general rule, yes. But there are some exceptions to that rule
where people don't have enough hardware to strictly follow it. One
example is a home network, where you have a windows machine and a
linux box doing NAT. Since there aren't any local users you're worried
about, it's reasonably safe to do things on the linux box, while the
windows benefits from the packet filtering.

Another possibility is a small business, where the "firewall" is
actually a combination web/email server and packet filter. Here again,
if the web and mail admins are the same person as the system
administrator, which is pretty likely, there's no local users to worry
about.

Basically, having a dedicated firewall machine is ideal, but when
that's not possible, having a non-dedicated one is better than
nothing.

--