Firewall Wizards mailing list archives
Re: Is this for real
From: "Saravana Ram" <Ram () POP Jaring My>
Date: Mon, 15 Nov 1999 16:38:48 +0800
arguments for installing a firewall and still do recommend them.) I think it
does increase security assurance. Does >for me, anyway. I'd love a device that provided a provable separation in the network... this for the same reason I
(and many of us) argue for security devices that fail closed. I'd even say it
could "greatly" increase assurance. How does a physical separation of the network really help? At the end, if you can coerce the outer gatekeeper to pass information through the "gap" (by the usual BOF methods etc) you'd still have a security breach. To coerce a firewall to pass a packet between two network interfaces on the same PCI bus is the same as coercing this Whale setup to write a packet to this scsi disk (or logical device). I don't see the added protection.
Current thread:
- Re: Is this for real Mikael Olsson (Nov 10)
- Re: Is this for real Rick Smith (Nov 11)
- Re: Is this for real Frederick M Avolio (Nov 14)
- Re: Is this for real Saravana Ram (Nov 15)
- Re: Is this for real Joseph S D Yao (Nov 17)
- Re: Is this for real Frederick M Avolio (Nov 14)
- Re: Is this for real Rick Smith (Nov 11)
- Re: Is this for real Saravana Ram (Nov 14)
- <Possible follow-ups>
- Re: Is this for real Crispin Cowan (Nov 10)
- Re: Is this for real Joseph S D Yao (Nov 10)
- RE: Is this for real Bill Stout (Nov 15)
- RE: Is this for real Squire, Jonathan (Nov 15)