Security Basics mailing list archives
Re: what should I do when....
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 10 Jul 2008 17:37:54 +0200
On 2008-07-10 Adriel Desautels wrote:
What I said is not wrong, it is actually very accurate.
No.
Firewalls are traffic shaping devices and it is my opinion that they are not security devices. In fact, I'm not sure what you disagree with.
Look up the definition of "traffic shaping" (e.g. [1]). Look up the definition of "firewall" (e.g. [2]). Notice the difference.
I said: "It is my opinion that firewalls are not security devices as much as they are traffic shaping devices. Their job is to control network connections and the flow of traffic, not to ensure that something can't be hacked." You accused me of being wrong, but then you said: "A firewall is the implementation of a concept of what kind of traffic you want to allow or disallow between any two given networks." Isn't that what I said?
No.
You are in fact shaping traffic by controlling what goes in and out. I suppose my use of the term "Traffic Shaping" could be argued.
No. Firewalls accept or deny access based on their ruleset. Traffic shaping devices don't decide whether to accept or deny anything, but modify packet rates in order to optimize network performance and/or bandwidth usage. Two entirely different concepts, using different means to achieve different ends.
I do think that firewalls can be used to enforce certain policies that are security oriented, but firewalls are not in my opinion security devices.
Then your opinion is wrong. Plain and simple. The decision what you want to allow or disallow into or out of your network is by any means a security decision. Firewalls implement and enforce this decision on a technical level and therefore are by definition security devices. [1] http://en.wikipedia.org/wiki/Traffic_shaping [2] http://en.wikipedia.org/wiki/Firewall Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- RE: what should I do when...., (continued)
- RE: what should I do when.... Rivest, Philippe (Jul 04)
- RE: what should I do when.... Sergio Castro (Jul 07)
- RE: what should I do when.... Rivest, Philippe (Jul 07)
- RE: what should I do when.... Sergio Castro (Jul 07)
- Message not available
- RE: what should I do when.... Sergio Castro (Jul 08)
- RE: what should I do when.... Weir, Jason (Jul 09)
- Re: what should I do when.... Ansgar -59cobalt- Wiechers (Jul 09)
- Re: what should I do when.... Adriel Desautels (Jul 10)
- Re: what should I do when.... Ansgar -59cobalt- Wiechers (Jul 10)
- Re: what should I do when.... Adriel Desautels (Jul 11)
- Re: what should I do when.... Ansgar -59cobalt- Wiechers (Jul 11)
- RE: what should I do when.... Rivest, Philippe (Jul 11)
- Re: what should I do when.... Adriel Desautels (Jul 11)
- RE: what should I do when.... William Mohney (Jul 11)
- Re: what should I do when.... Adriel Desautels (Jul 11)
- RE: what should I do when.... William Mohney (Jul 11)
- Re: what should I do when.... Adriel Desautels (Jul 11)
- Re: what should I do when.... Mike Hale (Jul 12)
- Re: what should I do when.... Adriel Desautels (Jul 12)
- RE: what should I do when.... Rivest, Philippe (Jul 07)
- Re: what should I do when.... Adriel Desautels (Jul 12)
- Message not available
- Re: what should I do when.... Adriel Desautels (Jul 12)