> > On Thu, 2005-07-21 at 17:05 -0400, Tim Holmes wrote: > ... > > > > Hi phil -- the firewalls are shut off on all the machines -- we are > > behind a hardware firewall and do not need the internal ones -- as a > > result -- they do more harm than good > > Well, that's not the problem, but a bit of unsolicited/OT advice. Good > security is built in layers. I'm behind a pretty robust center-level > firewall also, but learned the hard way that it is not impervious. > We've had several cases of bad guys getting through the main firewall > and running rampant on the machines inside (mostly those foolish people > that were not up-to-date on security patches, and/or Windoze boxes). I > run local firewalls on each machine I'm responsible for. I like > firestarter for the individual-machine firewalls. Makes it pretty > painless. > > http://www.fs-security.com/ > > Phil [Tim Holmes] Ya -- I hear u on the layers, and If I can ever get things working right, I may very well start turning them on. As it is, right now, Im new to linux admin, and don't need anything complicating things more than they already are. LOL
