Friday, June 28, 2013

Host firewalls: last line of defense

Here are just a few thoughts about host firewalls, which were triggered after watching a CompTIA Security+ (2011 Objectives) video. Host firewalls are the software firewalls built into modern operating systems, and they must not be turned off. This is a general security best practice which is to be followed by every IT system administrator in every IT environment.

Unfortunately, this totally contradicts poor Matt Hollingdale, a network and system admin from Australia, who recommended the opposite for Linux iptables in one of our conversations: "Do not use it, completely turn it off. We don't need it." What are you talking about, man?! Have you completely lost your mind? Did you ever learn basic OS and host security aside from networking and switching? The obvious answer to this last question is NO.

Host firewalls should have a default deny policy with explicit exceptions. You cannot always rely on the network firewalls or ISP protection, as they can be accidentally exploited. You blatantly failed in basic IT security. Please go and get some basic knowledge reinforcements, you'll desperately need them!
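One way to check a Linux host for the default deny policy with explicit exceptions described above is to audit its `iptables-save` output. The script below is an added example, not part of the original post; the two rulesets and the names `audit` and `target` are constructed for illustration, and the check covers only the built-in chains of the filter table without following jumps into user-defined chains.

```python
# Added example; both rulesets are constructed samples in iptables-save format.
HARDENED = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""
FIREWALL_OFF = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""

def target(match):
    """Return the jump target of a rule's token list, or None."""
    i = match.index("-j") if "-j" in match else -1
    return match[i + 1] if 0 <= i < len(match) - 1 else None

def audit(ruleset, chains=("INPUT", "FORWARD")):
    """Return (findings, exceptions) for the filter table of an iptables-save dump."""
    policy, rules, table = {}, {}, None
    for line in map(str.strip, ruleset.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            name, pol = line[1:].split()[:2]
            policy[name] = pol
        elif table == "filter" and line.startswith("-A "):
            _, chain, *match = line.split()
            rules.setdefault(chain, []).append(match)
    findings, exceptions = [], {}
    for chain in chains:
        chain_rules = rules.get(chain, [])
        last = chain_rules[-1] if chain_rules else []
        # Default deny: DROP policy, or a final unconditional DROP/REJECT rule.
        catch_all = last[:1] == ["-j"] and target(last) in ("DROP", "REJECT")
        if policy.get(chain) != "DROP" and not catch_all:
            findings.append(f"{chain}: no default deny (policy {policy.get(chain)})")
        accepts = [m for m in chain_rules if target(m) == "ACCEPT"]
        if any(m[0] == "-j" for m in accepts):
            findings.append(f"{chain}: unconditional ACCEPT defeats default deny")
        exceptions[chain] = [" ".join(m[:m.index("-j")]) for m in accepts]
    return findings, exceptions
```

On a real host the input would be the text printed by `iptables-save`; the returned exceptions list is the set of explicit allowances to review against what the machine actually needs to expose.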

