e-mail on linux box
Craig White
plug-discuss@lists.plug.phoenix.az.us
03 Dec 2002 01:02:38 -0700
On Tue, 2002-12-03 at 00:02, George Toft wrote:
> Craig White wrote:
> >
> > On Thu, 2002-11-28 at 11:42, cliff rogers wrote:
> > > Craig, I have had the ZoneAlarm since I got my cable setup so that I would
> > > have some protection and I have been concerned about removing it since I
> > > have been having this problem. I understand that I need to run anti-virus
> > > software but I'm not sure yet which one I should use- There is a question
> > > for the list if anyone wants to send me some advice on this I would
> > > appreciate it. And as far as I can tell, according to Symantec my box is now
> > > clean. Thanks for the info on the maillog file. I will go and check this out
> > > and see what I can find. Thanks for all the responses to everyone who did.
> > > Cliff
> > >
> > ----
> > If you have a windows computer connected directly to the cable modem,
> > you need ZoneAlarm or something similar - If you have the linux box
> > 'masquerading' / nat'ing the lan, you don't unless you don't trust your
> > family or co-workers.
> >
> > As for anti-virus, one was mentioned already but why put windows
> > anti-virus up to a vote on a linux message list - Why not just figure
> > any current anti-virus software will be better than what you have now -
> > none
> >
>
> My philosophy is to protect the boxes on my LAN as if the firewall did
> not exist for if it were to be compromised, it surely would not exist
> anymore. Yes, I have two firewalls. Keeping ZoneAlarm is not bad
> thing, but I would be very suspicious if it ever went off behind the
> properly configured Linux firewall.
>
-----
I suppose but when we are talking newbie...that firewall is gonna cause
a lot more problems than it will ever solve.
Consider the typical computer user with Zone Alarm or Norton Personal
Firewall...
a packet from 192.168.1.3 is attempting to access port 139
<DENY> <DENY ALWAYS> <ACCEPT> <ACCEPT ALWAYS>
a packet from 65.1.1.86 is attempting to access port 139
<DENY> <DENY ALWAYS> <ACCEPT> <ACCEPT ALWAYS>
Do you think that a newbie will know the difference?
need I go on?
Craig