>>>2 questions about this: >>> >>>1. If I set up a firewall appliance with IPcop, can I install Postfix, >>>Amavisd and clamav on it? >> >>And why not Frozen Bubble while you're at it. >> >>Firewalls should be just that, firewalls. The more services run on the >>firewall the bigger risk that it will get 0wn3d. > I came to the same conclusion after another day of reading. I was thinking > about the security distros like ClarkConnect that seem to have firewall and > other apps bundled together. It seemed like a good thing to be able to virus > scan from the firewall so each box on the LAN wouldn't need it's own AV > suite. But then I started to realize what you're saying: Just because the firewall is doing Virus scanning doesn't mean the desktops don't need it. There are ways for viruses to spread that would bypass firewalls (e.g. floppies, usb pen drives, etc...). All security should be designed for depth as well as breadthe (e.g. multiple firewalls [edge of the network, core of the network and at the desktops], multiple virus scanners [preferably different ones like clam and norton to broaden the viruses that could be identified], group policies that prevent users from installing software, etc...) --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss