24 Feb
2010
24 Feb
'10
11:03 a.m.
On Feb 25, 2010, at 1:06 PM, Gerard Creamer wrote:
Has some major thing happened and I missed it in terms of server security, or am I reading your statement incorrectly?
Stateful firewalls make no sense whatsoever in front of servers, since every incoming packet is unsolicited. Instead, the OS should be locked down, as should the apps/services, and policy should be enforced via stateless ACLs in hardware-based routers.
-----------------------------------------------------------------------
Roland Dobbins