
BLU Discuss list archive



[Discuss] web server can't see out but others can see in



> From: Derek Martin [mailto:invalid at pizzashack.org]
> 
> You can't attack a service that isn't
> there, or can't hear you.

Why do we care about having a firewall at all?  Why don't we just shut off services that aren't necessary?

To offer some protection against situations where you didn't intend for a service to be on.  Or sometimes there will be a vulnerability in one service that allows an attacker to create files on your system, while a vulnerability in some other service allows an attacker to execute code of some pre-existing file, etc.

Same reason we care about SELinux and AppArmor.  They allow you to define what "normal" behavior of the system is, and allow you to deny "abnormal" behavior of your system.  The whole point is to limit the freedom of an attacker, even if they have identified a vulnerability.




BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org