[CentOS] Internet connection sharing?

Tue Mar 8 19:15:53 UTC 2011
John R Pierce <pierce at hogranch.com>

On 03/08/11 10:59 AM, David Brian Chait wrote:
>
> That may be, but the advice is still valid, windows is infinitely more vulnerable than *NIX on a direct/open connection. Most corps filter traffic to windows boxes through intermediaries to limit risk.

Corps firewall their unix servers too.   All our public internet servers 
are in a secure DMZ isolated from both our WAN and the Internet.  How is 
that any different?

Millions of users carry Windows laptops and use them at public access 
points daily.   Windows since XP SP2 has had a perfectly decent firewall 
built in and enabled by default.  Anyone sane is running an antivirus 
suite.   Modern web browsers like Google Chrome automatically catch and 
block a lot of web hackery.

Unix, improperly configured, is just as vunerable.  Witness the number 
of users around here who are running 5.2 or whatever without having ever 
installed patches 'because its against XYZ support policy' or something 
equally lame.   The endless list of CERT advisories against popular daemons.