Firewall rules

Vernon Schryver vjs@calcite.rhyolite.com
Mon Sep 13 15:45:31 UTC 2004


> From: Richard Underwood 

> > I could accept the word "concern," but not "problem," unless 
> > "problem" is as much about politics and other non-technical 
> > issues as raw technical considerations about what the bad 
> > guys can and cannot do.
> > 
> 	I consider it a problem because it's in some ways worse than having
> no firewall - my opinion being that a false illusion of security is riskier
> than a true impression of having no security. Each to their own, of course.

I agree with that.  The most prevalent current example of the syndrome
is the extremely popular advice to install a "personal firewall" on a
Windows PC to make it completely safe and secure.  Maybe someday
computer security auditing, consulting, and related products and
services have no more snake oil, nonsense, and even fraud as financial
auditing, but I'm not counting on it.


> > You really don't want to get me started on what I 
> > consider...ah...issues in the computer security industry.
> > 
> 	I'll go back to sleep now, then!
>
> 	(Was this off-topic, by the way?)

I think it was relevant.  For example, the public DCC servers see
millions of useless requests from clients behind mis-configured
firewalls.  One of my chores is noticing the worst offenders, nagging
them for a while, and eventually in some cases adding to
http://www.rhyolite.com/anti-spam/dcc/client-blacklist


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.