Metasploit mailing list archives
Spam: How safe is a hardware firewall?
From: kim at bufferzone.dk (Kim Guldberg)
Date: Mon, 05 Nov 2007 18:58:14 +0100
Hi Robin A hardware firewall is just as safe or unsafe as any other firewall, it's all in the configuration and setup, just one hole or misconfiguration and your are screwed. FortiGate is a well known brand and has an ok reputation. Your servers are not necessarily ok. You write that you have opened the important ports which is plenty enough for a hacker if the systems behind the firewall are un patched or has exploitable vulnerabilities. You write nothing about how you filter outbound traffic. This is very important since the hacker has to be able to connect back out through your firewall. It's is ok to leave the firewall open from outside in, if the hacker cannot come back out. Of cause it's is more safe to block both incoming and outbound as efficiently as possible. If you just look at your firewall, you will never get a secure system. You need to look at all the levels and all the units from a security point of view. Best regards Kim Guldberg Robin Kipp skrev:
Hi guys, I hope this topic isn't to much off-topic since it isn't Metasploit related... I just put a FortiGate hardware firewall between my server and the internet. I left all the important ports (HTTP, SMTP, POP3 etc) open, but the traffic is always being checked by the firewall. The firewall has thousands of attack definitions, virus signatures etc... Do you think I can say that my server is safe behind the firewall or are there always ways to hack the firewall and bypass it? Robin
Current thread:
- Windows Server 2008 - Thoughts on security?qQaa Martinez, Tino (Nov 05)
- Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Joxean Koret (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: RE: Spam: RE: Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)