Quote:
Originally Posted by Steve W
> ... a firewall is almost pointless in Linux.
Right, that's the line I'm focusing on then.
In reality, I'm more worried about that IP address vulnerability that was revealed for all browsers (regardless of platform) a few months ago. If I download and install Firefox 3 (the latest Linux build on their website is 3.0.3 - that's not the dreaded beta version I've read so much bad press about, is it?), will that vulnerability then be closed?
Actually, I think firewalls are essential, even in Linux. There have been MANY machines that I've seen firsthand that have been compromised that have been running Linux. In fact, a simple Nmap scan can offer tons of information against a Linux machine. Such scans give the cracker enough information to make certain determinations (what services to attack, what hosts to scan based on response to the scan...). While you can harden a Linux machine to not offer up such data, the quicker way is to block such activity with a firewall. I'd even suggest that every single Linux machine should run a local instance of iptables.
iptables will not stop a majority of application-based attacks. A good example would be MySQL running behind an Apache install (or even one of those applications by itself). Some companies I work with are having issues with SQL calls being made against web servers because the SQL database is offering data to strangers. Situations such as these suggest application permissions misconfigurations.
On the whole, though, a firewall is a good thing. One should not assume that Linux is doing a good enough job on its own. Security should always be a layered process.
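The "local instance of iptables" suggested in the reply above, written out as a minimal default-deny host policy. This is an added example, not code from the original post or thread: it emits an iptables-restore ruleset from a function so the policy can be read or diffed before it is loaded, and the only service it exposes is SSH on TCP/22 (the ALLOWED_TCP_PORTS variable is an assumption of this example; set it to the ports your host actually serves). Dropped packets are rate-limited into the kernel log, so a port scan shows up in the logs instead of being answered.

```shell
#!/bin/sh
# Added example (not from the original post): a minimal host-level iptables
# policy in iptables-restore format. Assumption: SSH on TCP/22 is the only
# inbound service; override with ALLOWED_TCP_PORTS="22 443" etc.
ALLOWED_TCP_PORTS="${ALLOWED_TCP_PORTS:-22}"

# Emit the ruleset on stdout: default-deny inbound, allow loopback and
# established traffic, allow the listed ports, log everything else that is
# about to hit the DROP policy.
build_rules() {
    printf '%s\n' '*filter'
    printf '%s\n' ':INPUT DROP [0:0]'
    printf '%s\n' ':FORWARD DROP [0:0]'
    printf '%s\n' ':OUTPUT ACCEPT [0:0]'
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate INVALID -j DROP'
    # Rate-limited echo-request keeps the host debuggable; remove if unwanted.
    printf '%s\n' '-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT'
    for port in $ALLOWED_TCP_PORTS; do
        printf '%s\n' "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Anything unmatched is logged (rate-limited) and then dropped by policy.
    printf '%s\n' '-A INPUT -m limit --limit 10/min -j LOG --log-prefix "iptables-drop: "'
    printf '%s\n' 'COMMIT'
}

# Load the ruleset atomically; requires root. Kept separate from build_rules
# so the policy can be reviewed first ("show" below).
apply_rules() {
    build_rules | iptables-restore
}

# Sanity check used before applying: how many ACCEPT rules does the policy
# contain? With the default port list this is 4 (lo, established, icmp, 22).
count_accepts() {
    build_rules | grep -c -- '-j ACCEPT'
}

case "${1:-}" in
    show)  build_rules ;;
    apply) apply_rules ;;
esac
```

Run `sh firewall.sh show` to inspect the generated policy and `sudo sh firewall.sh apply` to load it. The reply's second point still holds: this blocks unsolicited connections, but a MySQL instance that answers queries from the web server's own user, or a web application with over-broad database permissions, is not something a packet filter can fix.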