[NTLUG:Discuss] Re: firewall/router to protect M$ box

Terry trryhend at gmail.com
Sat Jul 16 12:13:09 CDT 2005 

On 7/16/05, Leroy Tennison <leroy_tennison at prodigy.net> wrote:
> Moses McKnight wrote:
> 
> >Leroy Tennison wrote:
> >
> >
> >>Another issue is that a firewall is only part of the defense because it
> >>is a packet level application.  Configuring a firewall to allow only
> >>inbound traffic on connections you request (my understanding of what spi
> >>really is) has no benefit if you decide to make or accept a "connection
> >>offer" at the application level.  What I mean here is double-clicking on
> >>email attachments, or visiting questionable websites.  For the latter,
> >>the real problem is deciding "what is questionable".  I'm personally
> >>opposed to porn but I have found myself unwittingly landing on a porn
> >>site a couple of times just from my Web searches and mis-typing a "good"
> >>web site's name.  An example of a porn site's "opportunism", if it's
> >>still out there, is whitehouse.com (I believe that's the URL, the
> >>website for the US White House is whitehouse.gov).  You have to think
> >>about the kids here, they will mis-key website names and likely not have
> >>the discretion adults would have about what web sites they visit.
> >>
> >>I'm reading things which say that a proxy has more granular control over
> >>content than a firewall and am considering looking into Squid as a
> >>result.  Can anyone who has experience with Squid  comment on this?
> >>Thanks.
> >>
> >>
> >
> >I don't have a much experience but I set up Squid and Dansguardian on my
> >home network and it seems to work quite well.  Dansguardian is what does
> >the access control and you can download rules and blacklists for all
> >kinds of content and sites you want to block.  I set mine up as an
> >invisible proxy which is nice and seems to work well.  Give me a shout
> >if you want more info and I'll see if I can help.
> >
> >Moses
> >
> >_______________________________________________
> >https://ntlug.org/mailman/listinfo/discuss
> >
> >
> >
> Thank you, I appreciate the feedback and information.  One of these days
> I'll get around to actually setting it up.
> 

"No time like the present"  :)

-- 
<><

More information about the Discuss mailing list