[Techtalk] Personal firewalls: helpful?

Kathryn Andersen kat_lists at katspace.homelinux.org
Mon Jun 6 20:17:42 EST 2005


On Mon, Jun 06, 2005 at 10:25:09AM +0100, Dan wrote:
> I've heard of Windows users running personal firewalls (i.e.,
> implemented in software). I don't have to worry about that because I
> don't run Windows, but I do wonder whether these personal firewalls do
> any good. Obviously they're not as good as a dedicated machine, but I
> assume they still provide some protection.

Why "obviously"?  I thought that *all* firewalls are implemented in
software -- the difference between a dedicated firewall machine and
"personal firewalls" is that the "personal firewall" software runs on
your own computer, and the dedicated firewall machine has its own
software which runs on *it*, and its only purpose is to run that
software.
 
> Does anyone know what kind of attacks personal firewalls protect against
> (and what kind of attacks they don't)?

I would think it depends entirely on the particular software.
Decent firewall software will defend against all the same kinds of
attacks that a dedicated firewall machine will; what firewalls basically
do is open and shut ports, in various different conditions, with varying
sophistication.

My impression (and I'm fairly new at all this) is that there are two
advantages in having a dedicated firewall:
1) they tend to be easier to configure -- more of a "plug it in and let
it run" sort of thing.
2) it provides another layer of insulation, because a separate firewall
machine, with basically very little on it except the firewall software
itself, if someone breaks into that, all they've got is the firewall
machine, and they then have to go one step further in order to break
into the rest of the network.

Though I guess there are also two different kinds of "dedicated firewall"
machines: there's the "let's go buy a firewall" machine (which speaks to
point (1) above), and then there's the "oh, I'm a Linux hobbyist who has
lots of old computers lying around, here, I'll turn this one into a
firewall by installing Linux and just putting the minimal stuff on,
including my favourite firewall software" firewall machine.  That speaks
more to point (2) above.

But for the second type of firewall machine, the firewall software put
on it would be exactly the same software that one could put on one's
own Linux box without having a dedicated firewall machine.

Kathryn Andersen
-=-=-=-=-=-=-=-=-
Any sufficiently advanced technology is indistinguishable from magic.
		-- Arthur C. Clarke
-- 
 _--_|\     | Kathryn Andersen	<http://www.katspace.com>
/      \    | 
\_.--.*/    | GenFicCrit mailing list <http://www.katspace.com/gen_fic_crit/>
      v     | 
------------| Melbourne -> Victoria -> Australia -> Southern Hemisphere
Maranatha!  |	-> Earth -> Sol -> Milky Way Galaxy -> Universe

