North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: New Computer? Six Steps to Safer Surfing

  • From: Fred Baker
  • Date: Mon Dec 20 12:08:12 2004

At 09:14 PM 12/18/04 -0500, Sean Donelan wrote:
I wouldn't rely on software firewalls. At the same store you buy your computer, also buy a hardware firewall. Hopefully soon the motherboard and NIC manufacturers will start including built-in hardware firewalls.
I guess my question is: why rely on a firewall at all? Yes, a firewall at ingress to a network will reduce the probability or effectiveness of an attack from "outside" in many cases. But in many cases the infection is from "inside", and in any event something in the network or in the end system at the edge of the network can only really address link and network layer attacks effectively.

I personally would far rather presume that the end system is responsible for its own security, and that there are security considerations at every layer. Reduce the incidence and track attacks with network-based tools, but in the final analysis build the applications and stack code to withstand attacks.