Mailing List SIMS@mail.stalker.com Message #5677
From: Bill Cole <listbill@scconsult.com>
Subject: Re: Two internet connections (mulihoming)
Date: Tue, 28 Mar 2000 18:34:13 -0500
To: SIMS Discussions <SIMS@mail.stalker.com>
>> The other thing that IPNetRouter does is allow you to reassign ports and
>> act as a firewall.
>>
>> For example, if your ISP blocks port 25 you could have your
>> incoming email
>> come to, say, port 31337 (;-) and have IPNetRouter route that
>> port to port
>> 25.  This can be very useful.  It's ability to act as a firewall is also
>> rather cool, and alone is probably worth the purchase price of $89.
>>
>> Add to that the fact that the author is very responsive, helpful, and an
>> all around nice guy and you've got numerous reasons to buy the software.
>
>While this is a good point, has anyone ever found that they HAD to have a
>firewall on their Mac servers?

Yes.

>I see lot's of value in port mapping, but I
>still don't hear any hack problems on mac's (I think the US Army switching
>from NT to Macs due to hack problems is still fairly infamous - although why
>they didn't just install I firewall I find odd).  Denial of service maybe,
>but that most frequently tends to hit webservers, and I don't know about
>webstar, but our Webserver4D is fairly immune to non-distributed DOS attacks
>(meaning request more than x number of simultaneous connects and your IP is
>added to an ignore list)

Actually cracking a Mac is usually rather hard, but crashing one is not so
hard, and many of the DoS attacks do not depend on getting answers from
any server process. A firewall that stops bogus packets of various sorts
is essential for any network that is worth protecting.

--
Bill Cole

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster