On Sat, 2004-09-11 at 16:42, Paddy wrote:
> snip;
> If you run a full stateful firewall w/ nat any packets that come to your
> firewall that were not requested by your machine will get dropped at the
> external interface and even Mickey$oft won't be able to do anything about it.
_If_ the connection is initiated _externally_. _If_ the connection is
"polled" by the system on your network, then it doesn't matter.
Hence why network firewalls are _useless_ without _at_least_ some
network IDS.
--
Bryan J. Smith b.j.smith@ieee.org
"Communities don't have rights. Only individuals in the community have rights. ... That idea of community rights is firmly rooted in the 'Communist Manifesto.'" -- Michael Badnarik

This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.