Re: Firewalls, are they really necessary?

From: Walter Mautner (leafnews.20.eatallspam_at_spamgourmet.com)
Date: 12/22/04


Date: Wed, 22 Dec 2004 22:16:10 +0100

Fao, Sean wrote:

> RC wrote:
>> You assume too much. Don't think of a firewall as just INPUT. OUTPUT
>> is at least as important - ie smbd. Do you follow?
>>
Bad example. You might block incoming (requests to port 137:139,445) as well
as outgoing - to the inet interface.
 
>> Of course a firewall is important but connecting to a pop3 port doesn't
>> prove
>> jack. Why run a local mail server at all, with or without a firewall?

Have it here for my own purpose. Hotwayd allows connecting pop3 clients or
local postfix to a hotmail account. At least it will work till spring, when
Microsoft again announced to change protocols ...
Of course, that mail server is only for "local" purpose.

>> If it's running,
>> it's running and will be accessible with or without a firewall. That was
>> my point. That makes the telnetter's example moot.
>
There is another (as I posted) method to restrict access to it to the
internal network. A firewall is just another security layer, and it should
never keep people from thinking.
 
> I think we're simply misunderstanding each other and I apologize for
> getting defensive.
>
> I agree, a POP3 server is *probably* useless if it's not intended to be
> exposed to the outside world. However, in the rare circumstance that aq
> required a POP3 server (learning experience?), a firewall would
> obviously provide another level of protection to ensure that no unwanted
> visitors could read his mail.
>
Yes, but no "learning experience" intended - hotwayd (google for it) is
just a means to redirect webmail to pop3.

> You call the telnetter's example "moot" because the service shouldn't
> have been running in the first place. Agreed, it probably shouldn't
> have been running; but, it was (and maybe it was supposed to be), and aq
> now walks away with a better understanding of what a firewall can
> protect against. If they were only good for blocking services that
> shouldn't be running, we'd never have a need for them.
>
That service is fine - but restriction to the local network or even
localhost makes the difference :).

-- 
Longhorn error#4711: TCPA / NGSCP VIOLATION: Microsoft optical mouse 
detected penguin patterns on mousepad. Partition scan in progress
 to remove offending incompatible products.  Reactivate your MS software. 
Linux woodpecker.homnet.at 2.6.9-mm1[LinuxCounter#295241]
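
Added example, not part of the original post: the point above about binding a service to localhost or the internal network, as opposed to relying on the packet filter alone, can be checked by classifying each listening socket by its bind address. The sketch assumes Linux `ss -H -tln` output; the sample lines, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the column layout of `ss -H -tln` (not from the post).
SAMPLE_SS = """\
LISTEN 0 128 127.0.0.1:110 0.0.0.0:*
LISTEN 0 50 0.0.0.0:445 0.0.0.0:*
LISTEN 0 50 192.168.1.10:139 0.0.0.0:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 *:22 *:*
"""

def split_local(field):
    """Split the 'addr:port' column; handles [v6]:port, '*' and '%iface'."""
    host, _, port = field.rpartition(":")
    host = host.strip("[]").split("%", 1)[0]
    return host, int(port)

def classify(host):
    """Map a bind address to loopback, lan, public or all-interfaces."""
    if host == "*":
        return "all-interfaces"
    addr = ipaddress.ip_address(host)
    # Order matters: 0.0.0.0 and 127.0.0.1 also count as "private" in Python.
    if addr.is_unspecified:
        return "all-interfaces"
    if addr.is_loopback:
        return "loopback"
    return "lan" if addr.is_private else "public"

def audit(ss_output):
    """Return sorted (port, bind_address, scope) for every LISTEN row."""
    rows = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        host, port = split_local(cols[3])
        rows.append((port, host, classify(host)))
    return sorted(rows)

def relies_on_firewall(ss_output):
    """Ports where the packet filter is the only network-level restriction."""
    wide = ("all-interfaces", "public")
    return sorted({p for p, _, scope in audit(ss_output) if scope in wide})

if __name__ == "__main__":
    for port, host, scope in audit(SAMPLE_SS):
        print(f"{port:>5}  {host:<15} {scope}")
    print("firewall is the only layer for:", relies_on_firewall(SAMPLE_SS))
```

In the sample, the POP3 listener on 127.0.0.1:110 is unreachable from outside regardless of firewall state, while port 445 on 0.0.0.0 depends entirely on the filter rules.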

