to firewall or not to firewall?
We had a small conflict today at work whether or not there is any major advantage to setup a firewall to a relatively small web server box or to leave it without any.
I was in favor of not to have any firewall, because actually I don't see any major point to simply put a default drop policy and just open port 80.
The only advantage that I can think of is that you can check things like: the sanity of tcp/ip state (ie. not to accept ACKs if there is not even an established handshake, etc), or port scanning or ip spoofing or other similar "silly" stuff.
What do you think?