[Samba] Firewall rules to block other's computers browse list
David Christensen
dpchrist at holgerdanske.com
Mon Jul 27 19:08:41 MDT 2009
John H Terpstra wrote:
> Please help us to understand why an Internet firewall should be a
> dedicated machine. There might be one or two people on this list who
> would disagree with this assertion.
I smell flame bait... ;-)
Simply put, because an Internet firewall is providing a security
function and if there is a mistake, security suffers. The more software
you put on any machine, the more opportunities there are for Murphy's
Law to operate. Thus, IPCop, Smoothwall, and other router/ firewall
distributions are deliberately stripped-down to the bare essentials.
All included software is carefully selected and tested for security and
stability. Furthermore, a good web UI makes it easy for the end-user/
administrator to configure the router/ firewall as desired without
having to worry about arcane packet filtering syntax, dependencies,
restarting services, etc.; thus reducing the likelihood of
mis-configuration.
I've done the Linux combination firewall/ router/ server in the past;
IPCop and a leftover machine is *so* much easier, and I sleep better at
night. :-)
HTH,
David
More information about the samba
mailing list