Firewall Wizards mailing list archives
Re: firewall-wizards Digest, Vol 64, Issue 3 phishing
From: Bill Kyle <Bill.Kyle () jhu edu>
Date: Mon, 15 Apr 2013 14:40:40 -0400
In a former lifetime in the mid-nineties while at DEC installing Marcus' SEAL firewall for customers, I always did egress address filtering. It was best practice then and it's still best practice now. And, people still haven't learned how to configure their DNS servers. Until we can get the basics correct at this level we'll have a hard time discussing the home users getting "their act together." -- Best regards, Bill Kyle "In one respect at least the Martians are a happy people; they have no lawyers."
From "A Princess of Mars"
- Edgar Rice Burroughs On Apr 15, 2013, at 1:53 PM, Dave Piscitello <dave () corecom com> wrote:
Cloud is simply the current incarnation of server (LAN/farm, data center, virtualization...). I really don't see that the security issues have changed all that much (evolved maybe), or approaches to solving them. Look at us. We are in the "Lather, rinse, repeat" business. I recently quoted firewall-wizards threads from 2007 on DDoS in an article. We were discussing a 2000 SANS report encouraging egress address filtering. Still comes down to willingness to spend, will to execute. Too little of both. On Sat, Apr 13, 2013 at 12:26 AM, Marcus Ranum <mjr () ranum com> wrote:I suspect that few on this list are comfortable with this scene. The pump is there for many because it's keeping the ship afloat while we patch and re-think how to prevent future hull breaches. Part of re-thinking is coming up with better monitoring (of hull integrity) and AWS; part is raising competencies among crew, and part is raising security awareness among passengers. All of these require the captain's approval and the captain has to empower the officers.Meanwhile, many of the ship-builders have staked their oars and declared that they will never go to sea again, but - of course - their customers are welcome to try out the very inexpensive "cloud ship" offering that "ought to work just fine." More or less. Have a nice trip. mjr. -- Marcus J. Ranum CSO, Tenable Network Security, Inc. http://www.tenable.com _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Dave Piscitello (Apr 12)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Kyle Creyts (Apr 12)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Dave Piscitello (Apr 15)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Marcus Ranum (Apr 15)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Dave Piscitello (Apr 15)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Bill Kyle (Apr 15)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Magosányi Árpád (Apr 16)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing David Lang (Apr 30)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Dave Piscitello (Apr 15)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Stephen P. Berry (Apr 16)
- Re: firewall-wizards Digest, Vol 64, Issue 3 phishing Kyle Creyts (Apr 12)