Fwd: what should I do when....

["Eric Starace" <gpz1100.rider () gmail com>]

First, blocking all traffic in and out would really defeat the purpose
of having the host/server/workstation/whatever on a network.  Save
yourself some money and remove your firewall, routers and ISP service
if that is what you are currently doing.

Second, when thinking security you would be a fool if you were just
thinking about overt malicious threats from outside of the network.
You must layer security and never rely on a single solution.  You'll
get bitten and not realize it until your way over your head.


On 7/10/08, Sergio Castro <sergio.castro () unicin net> wrote:
> Let me try to understand what you are saying. If you block ALL traffic,
> inbound and outbound, with a firewall, how then, would a hacker get into the
> system?
>
> -----Mensaje original-----
> De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En
> nombre de Adriel Desautels
> Enviado el: Miércoles, 09 de Julio de 2008 10:00 a.m.
> Para: Ansgar -59cobalt- Wiechers
> CC: security-basics () securityfocus com
> Asunto: Re: what should I do when....
>
> Ansgar,
>        You can not bullet proof a computer system by using a firewall even
> if you block all traffic to and from that system. In most configurations
> firewalls block inbound connection attempts to *internal* systems, while
> they permit outbound attempts from those systems.
>
>        It is my opinion that firewalls are not security devices as much as
> they are traffic shaping devices. Their job is to control network
> connections and the flow of traffic, not to ensure that something can't be
> hacked.
>
> Regards,
>        Adriel T. Desautels
>        Chief Technology Officer
>        Netragard, LLC.
>        Office : 617-934-0269
>        Mobile : 617-633-3821
>        http://www.linkedin.com/pub/1/118/a45
>
>        Join the Netragard, LLC. Linked In Group:
>        http://www.linkedin.com/e/gis/48683/0B98E1705142
>
> ---------------------------------------------------------------
> Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
> Penetration Testing, Vulnerability Assessments, Website Security
>
> Netragard Whitepaper Downloads:
> -------------------------------
> Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you
> must know  : http://tinyurl.com/26pjsn
>
>
> Ansgar -59cobalt- Wiechers wrote:
> > On 2008-07-08 Weir, Jason wrote:
> > > Quote of the day....
> > >
> > > "Bullet-proofing your systems is as easy as using a firewall"
> > >
> > > If it was only true....
> >
> > It is quite true, you're just underestimating the task of maintaining
> > a firewall.
> >
> > Regards
> > Ansgar Wiechers
>
>
>
> __________ NOD32 3257 (20080710) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com