e-mail on linux box

George Toft plug-discuss@lists.plug.phoenix.az.us
Tue, 03 Dec 2002 08:02:32 -0500


Craig White wrote:
> 
> On Tue, 2002-12-03 at 00:02, George Toft wrote:
> > Craig White wrote:
> > >
> > > On Thu, 2002-11-28 at 11:42, cliff rogers wrote:
> > > > Craig, I have had the ZoneAlarm since I got my cable setup so that I would
> > > > have some protection and I have been concerned about removing it since I
> > > > have been having this problem. I understand that I need to run anti-virus
> > > > software but I'm not sure yet which one I should use- There is a question
> > > > for the list if anyone wants to send me some advice on this I would
> > > > appreciate it. And as far as I can tell, according to Symantec my box is now
> > > > clean. Thanks for the info on the maillog file. I will go and check this out
> > > > and see what I can find. Thanks for all the responses to everyone who did.
> > > > Cliff
> > > >
> > > ----
> > > If you have a windows computer connected directly to the cable modem,
> > > you need ZoneAlarm or something similar - If you have the linux box
> > > 'masquerading' / nat'ing the lan, you don't unless you don't trust your
> > > family or co-workers.
> > >
> > > As for anti-virus, one was mentioned already but why put windows
> > > anti-virus up to a vote on a linux message list - Why not just figure
> > > any current anti-virus software will be better than what you have now -
> > > none
> > >
> >
> > My philosophy is to protect the boxes on my LAN as if the firewall did
> > not exist for if it were to be compromised, it surely would not exist
> > anymore.  Yes, I have two firewalls.  Keeping ZoneAlarm is not bad
> > thing, but I would be very suspicious if it ever went off behind the
> > properly configured Linux firewall.
> >
> -----
> I suppose but when we are talking newbie...that firewall is gonna cause
> a lot more problems than it will ever solve.
> 
> Consider the typical computer user with Zone Alarm or Norton Personal
> Firewall...
> 
> a packet from 192.168.1.3 is attempting to access port 139
> <DENY>  <DENY ALWAYS>  <ACCEPT>  <ACCEPT ALWAYS>
> 
> a packet from 65.1.1.86 is attempting to access port 139
> <DENY>  <DENY ALWAYS>  <ACCEPT>  <ACCEPT ALWAYS>
> 
> Do you think that a newbie will know the difference?
> 
> need I go on?
> 
> Craig
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


Both are bad, but at least the newbie will have ample warning that
something is wrong, and he/she can post a message here and get some
advice.  I was lucky when I was a newbie - I had some redundancy when my
firewall was rooted.  Redundancy is a very important part of security.

George
-- 
This e-mail message certified virus-free 
as it was generated on a Linux system.