Firewall Wizards mailing list archives

Re: X server in a Firewall

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Sat, 28 Jan 2006 17:08:03 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 24 Jan 2006, Marcus J. Ranum wrote:

Paul D. Robertson wrote:

Indeed, that's why console-only access is the best method.


Indeed; if your firewall rulesets change so often that you find it
onerous to walk down the hall to the console, then your firewall
ruleset is changing too often, which probably means you are
already in a state of screwed.

Would you be infering then that since we change our rulesets bi-weekly,every week of the year on about a hundred or more firewalls in esaps<managed zines for each agency, that we change too often?





Thanks,

Ron DuFresne

- --~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFD2+tGst+vzJSwZikRAj2kAJ43kbP2TWI8aIU5u5QvMMO+6JL2wQCgnljL
jNEEmrVG71q2sf13zUZQBlo=
=K3Lf
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: X server in a Firewall R. DuFresne (Feb 01)
- Re: X server in a Firewall Chuck Swiger (Feb 02)
- <Possible follow-ups>
- Re: X server in a Firewall R. DuFresne (Feb 01)
- RE: X server in a Firewall Cat Okita (Feb 02)
  - Re: X server in a Firewall ArkanoiD (Feb 02)
- RE: X server in a Firewall Hammerle, Tye (Feb 02)