Linked by Thom Holwerda on Thu 5th May 2011 21:07 UTC, submitted by sawboss
Games There's fail, there's epic fail, and then there's Sony. You may've thought it wasn't possible, but Sony has just outdone itself on the fail scale, forcing us to add yet another notch. During the congressional testimony this morning, Dr Gene Spafford of Purdue University revealed just how badly Sony managed its Playstation Network servers. It's... Bad.
Thread beginning with comment 472045
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Firewalls
by Soulbender on Fri 6th May 2011 15:28 UTC in reply to "Firewalls"
Soulbender
Member since:
2005-08-18

They don't, in general. It's perfectly possible to make a server secure, from the network perspective, without a firewall. In fact, if a firewall is necessary the person who installed the server didn't do his job. Almost all properly designed software has built-in features for configuring access (tcpwrappers, apache allow/deny etc) and those features should be used.
In a properly configured server the firewall is an optional layer that increases security but isn't a necessity for the secure operation of the server.

Sadly, a lot of people seem to think that a firewall is a magic bullet that will protect your server from all harm and that it is somehow essential.

Of course, application security is an entirely different ballgame.

Reply Parent Score: 2

RE[2]: Firewalls
by WereCatf on Fri 6th May 2011 15:32 in reply to "RE: Firewalls"
WereCatf Member since:
2006-02-15

They don't, in general. It's perfectly possible to make a server secure, from the network perspective, without a firewall. In fact, if a firewall is necessary the person who installed the server didn't do his job. Almost all properly designed software has built-in features for configuring access (tcpwrappers, apache allow/deny etc) and those features should be used.
In a properly configured server the firewall is an optional layer that increases security but isn't a necessity for the secure operation of the server.

Sadly, a lot of people seem to think that a firewall is a magic bullet that will protect your server from all harm and that it is somehow essential.

Of course, application security is an entirely different ballgame.


Installing a firewall is not about protecting the server per se, it's about protecting the network from the server.

Reply Parent Score: 2

RE[3]: Firewalls
by Soulbender on Fri 6th May 2011 15:33 in reply to "RE[2]: Firewalls"
Soulbender Member since:
2005-08-18

I was talking about host firewalls (which i think neolander was asking about) and not perimeter firewalls.

Reply Parent Score: 2