Re: Hack attempts

[Bruno Wolff III <bruno wolff to>]

On Sat, Jul 24, 2004 at 10:08:48 -0400,
  Jorge Fábregas <fabregasj prtc net> wrote:
> On Saturday 24 July 2004 9:28 am, Edwin Dicker wrote:
> 
> > The last two days i got bugged by someone from korea and someone from
> > japan. his is what i find in my LogWatch :
> 
> Just like Scot says..you should buy a hardware router ..most of them have 
> firewall capabilities built-in.

I disagree. Hardware routers are pretty much just software routers that
you don't (generally) have access to the source for, are harder to update,
and may have backdoors as a recent Netgear model did. The router manufacturers
have incentive to put in backdoors to cut support costs.

There are advantages to having a firewall that is on a separate physical
machine, but hardwall firewalls aren't magically better than locked
down linux boxes not running public services. They may be cheaper, particularly
if you don't have an old box sitting around that you can use for a firewall.

Even having a separate firewall doesn't buy you that much if you are protecting
linux (or BSD) machines as they have very powerful packet filtering software.
The main advantages are some convenience bringing up new machines (as they
can be attached to the network before being fully hardened) and that since
in theory the firewall should be more secure, it is likely to be able to
prevent outbound attacks after a compromise which a packet filter on a root
compromised machine won't be able to do.