firewall cannot protect again this type of attacks.
Remote - Your host is listening on a port that the attacker is able to connect to remotely over a network and exploit a vunerability somehow. This is the only type of attack a firewall can (hopefully) protect you against. There is another important point here that most firewall howtos neglect. In order for someone to exploit your box remotely, it has to be listening on some ports (i.e. providing a way for an attacker to connect). Therefore, if your host isn't listening on any ports, you are safe from remote exploits (unless the attacker manages to attack the network stack itself).
为何需要防火墙?
提高网络安全 - 某些服务有着固有的风险,不可能作到安全性。防火墙可以帮助你提高网段或部分网络的安全性。
网络访问控制 - 防火墙可以强制性的在网络中应用安全规则。
日志记录 - 由于防火墙检测所有入站/出站的网络通讯,它可以记录网络中的活动。页码:[1] [2] [3] [4] [5] [6] [7] [8] 第2页、共8页 |
