Educause Security Discussion mailing list archives
Re: When is a firewall not a firewall?
From: Gary Flynn <flynngn () JMU EDU>
Date: Fri, 5 Sep 2003 16:32:09 -0400
Hahn, Jacob wrote:
IP Security policies that are built in to the local and group policies may provide what you are looking for. The real beauty of the group policy based IP Security policies is that they can be centrally managed via Active Directory.
I'm experimenting with them now and they leave a period of vulnerability during boot too. Several seconds just before the logon prompt, a specifically blocked port (135) was reported open by nmap. This was done using local policy (i.e. ipsecpol -w REG). I doubt group policy would be any different.

--
Gary Flynn
Security Engineer - Technical Services
James Madison University
Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe