PDA

View Full Version : Care/encryption of firewall rules



AndyHancock
04-27-08, 08:11 AM
Kerio encrypts the firewall rules on-file by default. Instructions on
the web for decrypting them contain a step seem to imply that
disabling them should be temporary. Considering that many security
experts publish good sets of rules, and the fact that home users
normally often don't have the same IP address from one DSL session to
the next, how important is this encryption really? This question is
motivated by the idea of saving an unencrypted copy of the rules as an
email on a mail server somewhere (not my own, of course).

Sebastian G.
04-27-08, 08:32 AM
AndyHancock wrote:

> Kerio encrypts the firewall rules on-file by default. Instructions on
> the web for decrypting them contain a step seem to imply that
> disabling them should be temporary. Considering that many security
> experts publish good sets of rules, and the fact that home users
> normally often don't have the same IP address from one DSL session to
> the next, how important is this encryption really?


Considering that Kerio doesn't consider remote DoS as important either, it's
obviously misguided and misplaced.