A Warning: No Silver Bullet Here
I will now try to explain the nature of computer security and how a firewall fits into the picture. The majority of security holes are quite simply caused by bad software. Security holes are not created by 'hackers' or 'crackers'. They merely find and exploit already existing flaws in software. Security holes are usually just bugs or flaws in software itself that can be taken advantage of for malicious purposes.
What a firewall does is try to put up a barrier with the bad guys on one side and your possibly vulnerable software and services on the other. It tries to stop attackers from gaining any kind of access to servers and software running on machines behind the firewall. With no access, attackers shouldn't be able to leverage flaws in the software you are running. Unfortunately this approach of protection by disconnection only goes so far, because the whole point of having a network is to allow computers on the network to communicate with each other. Simply put, for the network to be useful you need to put 'holes' in the firewall to allow communication or access between the protected computers and the outside world. A firewall offers no protection from accesses that occur via 'holes' in the firewall. For example, if you are operating a web server that can be accessed from the outside, then the firewall will do nothing to protect you from attacks aimed at your web server.
A firewall should be just a part of your approach to security, and not the whole thing. Here is a quick list of effective tips to greatly increase the system's security. This advice also applies to other computer systems:
Number one. Make sure you get and install security fixes for the software you are using on your computer systems. The best way to stop attackers from exploiting flaws in the software you use is to remove the flaws. Go to the website for the Linux distribution you are using and check the security section or updates section regularly to see if security updates, patches, or bug fixes are available. Most modern Linux distributions also include tools for automatically checking for software updates. Learn about and use these tools.
Don't install software that you don't need or use. This is especially true for network oriented software like servers and network client software. Most Linux distributions install an incredible amount of software by default. Most of it you won't need. Make sure you uninstall any unneeded software after installing a new Linux system. Another strategy is to choose a 'minimal' install at install time, if your distribution offers that choice, and then after the installation install any additional software that you may need.
The maker of the Linux distribution that you are using will have a security announcement mailing list. Find it on their web site and join it to hear about security fixes as soon as they become available.
If a piece of software you are using has a bad security record and is still having security problems found in it, seriously consider changing to a better, safer alternative.
If you follow these tips, even without a firewall, your systems will be about one hundred times more secure.
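One way to act on the tip about unneeded network software, as an added example that is not part of the original manual: compare the TCP sockets a machine is listening on against the short list of services you actually intend to run. The function name `audit_listeners`, the variable `SAMPLE_SS`, and the allowed ports are assumptions made for illustration, and the sample input is constructed.

```sh
#!/bin/sh
# Added example: flag listening TCP sockets whose port is not on an
# allowlist of services you actually mean to run.

# Constructed sample in the format printed by `ss -H -tln`
# (State Recv-Q Send-Q Local-Address:Port Peer-Address:Port).
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 64 0.0.0.0:2049 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*'

# audit_listeners "<allowed ports>"
# Reads ss output on stdin and prints one line per unexpected listener:
#   <scope> <port>     where scope is "exposed" or "loopback"
# "exposed" means the socket is bound to a non-loopback address, so it is
# reachable from the network unless a firewall blocks it.
audit_listeners() {
    awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        $1 == "LISTEN" {
            addr = $4
            port = addr; sub(/.*:/, "", port)       # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)   # everything before it
            if (port in ok) next                    # a service you intend to run
            scope = (host ~ /^127\./ || host == "[::1]") ? "loopback" : "exposed"
            key = scope " " port
            if (!(key in seen)) { seen[key] = 1; print key }
        }'
}

# Run against the constructed sample, allowing only SSH (22) and HTTP (80).
# On a live system, replace the printf with:  ss -H -tln
printf '%s\n' "$SAMPLE_SS" | audit_listeners "22 80"
```

Each "exposed" line is a candidate for uninstalling or disabling; each allowed port is a 'hole' the firewall will pass, so that service's own patch level is what protects it.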