[Cialug] DMZ, router's firewall and web server's security...

Nathan C. Smith smith at ipmvs.com
Tue Nov 29 08:57:46 CST 2005 

I just have to chime in here with the 'firewal != security pancea' message.

OK, so even if you have a super-swell firewall, it isn't going to help you
if your run an insecure web application on your web server.  Apart from
insecure web-applications there are php and SQL attack possibilities to be
concerned about too.

Many people running apache don't realize what all the options are for and
could easily turn a great many of them off.

I know this first-hand having suffered an attack and subsequent "rooting" of
a box running an older version of the Drupal CMS.

-Nate

-----Original Message-----
From: afan at afan.net [mailto:afan at afan.net] 
Sent: Monday, November 28, 2005 11:02 AM
To: cialug at cialug.org
Subject: [Cialug] DMZ, router's firewall and web server's security...


Hi, 
I just had a talk about my home network and my web server at home and people
I talked to confused me about couple things.
First, one said that setting up web server at home and NOT USING DMZ is
making a hole in my network  and security system. He said that I HAVE to use
DMZ. 
On my modem's setting page though I found that I have to turn DMZ on just in
case I make server for special needs, like gaming server or video
conferencing. 
Do I really NEED DMZ turned "On"? My opinion is that I don't need it for web
server at home. 

Second, other guy was almost laughing at me when I told him that ONLY
firewalls I use in home network are modem's and router's firewalls (I have
Web server on SuSE 9.2 and I have two Windows and one Mac computer in
network). He said that these are something like low-level, low-secure
firewalls and that I have to have something good!. 
When I started using hi speed Internet access (first cable then DSL), and I
talked to people about firewalls, all of them told me the same: my computers
behind modem's and router's firewalls are REALLY safe. I had some period of
time Zone Alarm, but after one guy compared it as "Having 2 spare wheels on
car - it's better then one, but chances to need them both are so small and
not worth to carry 2nd one" - I took it off. 
What do you think? 

-afan

More information about the Cialug mailing list