On Tue, Feb 19, 2002 at 03:30:37AM -0500, James Chacon wrote:
> 
> >
> >If you are that worried about security, you should be behind a good
> >firewall anyway. 
> 
> That only protects against people getting onto your net. 
> 
> If once they get in it's just wide open, whats the point? Each point along
> the way needs security applied to it which includes these "safe" linux hosts.

You can secure your internal network too, and if you don't want them
getting through your firewall, then make sure they don't.

It's inconvienient, but you can go a long way toward at least partial
peer-to-peer security on your local LAN.

I've sat and watched people bang on my NetBSD gateway machine, but they
can't get through.  The biggest reason is that it simply doesn't listen.
It's purpose is for me to get out... :)

I'll worry a little more when/if I get dynamic IP service and actually
run a couple of servers.  I might get a cheap box to act as an inner-ring
gateway and put the public machine on the other side of that.

-- 
UNIX/Perl/C/Pizza__________________________________shannon@widomaker.com