Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: how prevelant

From: Jason Lewis <jlewis () packetnexus com>
Date: Mon, 11 Oct 2004 16:11:30 -0400
I had a job interview a while back and during the interview they were explaining the network configuration to me. When the interviewer was done, he asked why I had such a stunned look on my face. I said I found it amazing they were passing domain information across the internet. His response was that they had a firewall, so it was ok.
I explained that firewalls are worthless if you are passing your important information across the internet without some kind of encryption.
I ended up not taking the job, because they actually argued with my free advice on how to immediately fix the problem. (Setup an IPSEC tunnel between the sites.) 

I think it is VERY common, because there is a lack of understanding.

You say tightfisted, I say intelligent.

jas

R. DuFresne wrote:

how common is it for a company to have it's NT domain and novell
athentication pass openly across the internet, and have this be the
requirement to access VPN tunnel rights from outside into the company?

The firewalls I manage keep all windows related protocols in the 135-139,
445 and 5000 ports arenas internal only, none f this traffic passes
outside the firewalls, none is allowedto pass outside, unltess tunneled.
Is this not a standard practise with any org with half a clue of security,
or am I being more tightfisted with access and control then is the norm?

Thanks,

Ron DuFresne

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: