Firewall security: Problems with simple Samba file share 3579

John Hasler

Yes, I'm referring to what we've been calling hardware firewalls, which of course really are just dedicated purpose computers and might even be running Linux themselves in some cases.. but at the consumer-small business level usually something like Cisco PIX, Linksys, Mulbreastech, etc. - and most do at least allow remote configuration, contrary to Peter's apparent buttertion that they can only be accessed locally.

But Peter seems to be saying a lot of strange things today - like "a packet is just a packet" and can't be inspected for malicious payload, or that distro updates are all you need in the event of some security exploit in ssh or whatever - those updates must magically get to his machine just before the exploit is discovered. He also seems to know how people want to use their machines, and has told us that the purpose of ssh is to allow access from anywhere in the world - apparently using it locked down to specific IP's is some sort of blasphemy.. and web servers are always for public access only, never for private use..

As I said, Peter has said a lot of strange stuff today.. or I'm just completely misunderstanding him. Some of it seems so incredible I think I have to be..

-- Tony Lawrence