[afnog] https through NAT

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Oct 11 06:44:04 UTC 2012


On Wed, Oct 10, 2012 at 10:28:55AM -0700,
 Scott Weeks <surfer at mauigateway.com> wrote 
 a message of 62 lines which said:

> By configuring "a default rule with all ports and protocols accepted
> from anywhere" you have effectively removed the firewall from the
> network.  It's as if the firewall doesn't exist.

Most firewalls are just there for "security theatre". The management
is happy because they spent money and they feel safe, that's all.

Most attacks come from the inside, anyway. Firewalls are the modern
equivalent of the Roman wall around the Empire. May be useful against
barbarians at the gates but not against internal plots or civil wars.


