Firewall Wizards mailing list archives
Re: Teaching Firewalls (was: Firewall for Pedagogical Purposes)
From: "neil d. quiogue" <neil () iphil net>
Date: Tue, 13 Jan 1998 13:03:49 +0800 (HKT)
On Mon, 12 Jan 1998 chuck+fwwiz () snew com wrote:
Never used Juno. Remember that the TIS FWTK is a toolkit - not a firewall, but a set of proxies that go onto a secure machine. Adding it to an unsecure machine means you have an unsecure machine running (secure) proxies.
*sigh* yes i know (that's what's the tk stands for).
For teaching, I'd think it far more important to teach (just an off the cuff list): - TCP/IP and how it works - Filtering techniques (and why); - Various (common) protocols and their weaknesses and strengths. - Monitoring techniques (with IP security issues in mind)
these are all important foundations in learning to secure your system. in fact, each _good_ system administrator should know about these much more a security consultant (and other titles). but one would question as to the depth of teaching these @ a particular length of time and how. in my experience, it's better to teach the concepts and basics of applying these in a test system through some set cases (case studies). let them gain experience in the 'real world' (with consultation and mentoring)then it's time to tackle them in depth discussing the rudiments of this technologies (e.g., protocols, algorithms) which allows the information gathered to be inculcated instead of just spoon feeding everything within a limited period of time. as such, teaching firewalls would only a subset of a full security course that would span for quite some time but would not be continuous in the sense that _students_ would be allowed to gain the prerequisite experience before going to the next level. this i believe is the ideal setting for a _good_ security course but being in a country without the requisite _experts_ and _training courses_, i don't know about other people's experience on such courses.
I offer this because I have cleaned up firewalls set up by "trained" people who shouldn't pass a CNE test, who shouldn't be an SA. To
that is why these tests won't gauge the overall capability of the person through a certain period of time (i.e., experience). [RFS] in any case, this is sort of a plug for a request for speakers for the joint PHCERT & APNG (Philippine CERT & Asia Pacific Networking Group) security conference this november 1998. this is being finalized and presented to the APNG meeting this february in Manila, Philippines. upon mjr's approval, i'll be sending a proper announcement for the RFS. fyi, william church and mjr spoke on the first APNG security conference together with the national university of singapore. for this, please email me personally. [---] Neil D. Quiogue <neil () iphil net> IPhil Communications Network, Inc. Other: neil () postgresql org
Current thread:
- Firewall for Pedagogical Purposes neil d. quiogue (Jan 11)
- Teaching Firewalls (was: Firewall for Pedagogical Purposes) chuck+fwwiz (Jan 12)
- Re: Teaching Firewalls (was: Firewall for Pedagogical Purposes) neil d. quiogue (Jan 13)
- Message not available
- Re: Teaching Firewalls (was: Firewall for Pedagogical Purposes) Marcus J. Ranum (Jan 13)
- Teaching Firewalls (was: Firewall for Pedagogical Purposes) chuck+fwwiz (Jan 12)