Security Basics mailing list archives
Re: what should I do when....
From: "ॐ aditya mukadam ॐ" <aditya.mukadam () gmail com>
Date: Thu, 10 Jul 2008 21:11:17 +0530
Wow, its good to know various viewpoints about firewall. I think firewall is absoluetly important and can be considered one of the first layer of defense against common exploits which work on known ports. Again, it all depends how you make use of it and for that you need to know what you are really defending. For example: Stateful firewall perform stateful inspection of packets. ie will only allow internet traffic to come in to the trusted network(inside of firewall) if a connection/session is initiated from one of the pc/machines on its trusted network. So, web initiated evil traffic towards the Firewall will get dropped. Mr. Firewall will fail to do its job if the someone just opens email with worms/virus sitting on the trusted network. If its a trojan making connection from trusted network to internet, Mr. Firewall would not know that :-( . So, we would need additional security devices like IPS etc to monitor such traffic. So in short, firewall is important but not sufficient to protect. Please note there are higher end firewalls ( Juniper SSGs & Cisco ASAs) which can have integrated URL filter,IPS module in it. So, more the $$$ firewall can be armed with more ammos to fight worms/trojans/viruses/attacks etc :-)) Thanks, Adi On Wed, Jul 9, 2008 at 8:30 PM, Adriel Desautels <adriel () netragard com> wrote:
Ansgar, You can not bullet proof a computer system by using a firewall even if you block all traffic to and from that system. In most configurations firewalls block inbound connection attempts to *internal* systems, while they permit outbound attempts from those systems. It is my opinion that firewalls are not security devices as much as they are traffic shaping devices. Their job is to control network connections and the flow of traffic, not to ensure that something can't be hacked. Regards, Adriel T. Desautels Chief Technology Officer Netragard, LLC. Office : 617-934-0269 Mobile : 617-633-3821 http://www.linkedin.com/pub/1/118/a45 Join the Netragard, LLC. Linked In Group: http://www.linkedin.com/e/gis/48683/0B98E1705142 --------------------------------------------------------------- Netragard, LLC - http://www.netragard.com - "We make IT Safe" Penetration Testing, Vulnerability Assessments, Website Security Netragard Whitepaper Downloads: ------------------------------- Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you must know : http://tinyurl.com/26pjsn Ansgar -59cobalt- Wiechers wrote:On 2008-07-08 Weir, Jason wrote:Quote of the day.... "Bullet-proofing your systems is as easy as using a firewall" If it was only true....It is quite true, you're just underestimating the task of maintaining a firewall. Regards Ansgar Wiechers
Current thread:
- Re: what should I do when...., (continued)
- Re: what should I do when.... Adriel Desautels (Jul 11)
- Re: what should I do when.... Mike Hale (Jul 12)
- Re: what should I do when.... Adriel Desautels (Jul 12)
- Re: what should I do when.... Adriel Desautels (Jul 12)
- Message not available
- Re: what should I do when.... Adriel Desautels (Jul 12)
- RE: what should I do when.... Nick Vaernhoej (Jul 11)
- RE: what should I do when.... Sergio Castro (Jul 11)
- Re: what should I do when.... Adriel Desautels (Jul 11)
- Message not available
- Message not available
- Fwd: what should I do when.... Eric Starace (Jul 11)
- Re: Fwd: what should I do when.... Adriel Desautels (Jul 12)
- Re: what should I do when.... ॐ aditya mukadam ॐ (Jul 11)
- Re: what should I do when.... Adriel Desautels (Jul 11)
- Message not available
- Message not available
- Re: what should I do when.... Ansgar -59cobalt- Wiechers (Jul 15)
- Re: what should I do when.... Adriel Desautels (Jul 15)
- Re: what should I do when.... Ansgar -59cobalt- Wiechers (Jul 15)
- Re: what should I do when.... Dan Anderson (Jul 15)
- RE: what should I do when.... Scott Race (Jul 15)
- Re: what should I do when.... Adriel Desautels (Jul 15)
- RE: what should I do when.... Rivest, Philippe (Jul 10)
- Re: what should I do when.... Ansgar -59cobalt- Wiechers (Jul 10)
- Re: what should I do when.... Adriel Desautels (Jul 11)