firewall is safety?

hurtsman · 11-28-2001, 07:13 AM

hi,
all friends saw this.
here i would like to describe my though and my testing. it is only idea. Never you believe or not, firewall for internal is not guard, you can not protect parts of men in internal. If it exist someone can freely go out to browser, others who are banned to go out freely can freely go out by other way. This is because any one can change his ip address and route table in his box, he can change ip and route to that ip can freely go out. These tools are "ifconfig, route , ip , iptables". So these can exist, firewall is guard ? No,No.

do what you can do.

hurtsman( wcpwcp@263.net)
Nov. 28,2001, China.

unSpawn · 12-01-2001, 04:15 AM

Hmm. You mean like using it as a form of "ZoneAlarm" type fw? And how did you test what, and did you test it all as a user or as root?
Maybe you should tell us some more.

hurtsman · 12-02-2001, 04:14 AM

what i mean is so. If you are in a LAN and LAN give some ip to freely browse web(using port 80),all setup is in firewall using ipchains,not squid. If you change ip adress of your box, then you
can also browse web(using port 80). If one can freely change his ip address ant route tables, how do firewall guard you?

hurtsman
Dec,2,2001