Firewall Wizards mailing list archives

Re: Reactive Firewalls

From: Rick Smith <rsmith () securecomputing com>
Date: Thu, 12 Feb 1998 10:16:14 -0600

At 9:38 AM +1100 2/12/98, Darren Reed wrote:

Whilst feedback may help the hacker, if it shuts down and needs to be
manually rebooted, it also slows down the attack considerably.  There's
also a good chance it will discourage those who are 'trolling' for
insecure sites/firewalls from making a serious attempt to penetrate
your firewall.

Personally, I'd prefer a service that fell victim to D.O.S attacks than
one which could be compromised.


Outside of the intelligence agencies, I've found that Internet savvy
enterprises generally consider denial of service to be as bad or worse a
"compromise" as anything else a hacker might do. This is certainly becoming
true in military environments.


Rick.
smith () securecomputing com                Secure Computing Corporation
"Internet Cryptography" at http://www.visi.com/crypto/ and bookstores

Current thread:

RE: Reactive Firewalls Stout, William (Feb 10)
- <Possible follow-ups>
- Re: Reactive Firewalls tqbf (Feb 11)
- Re: Reactive Firewalls Darren Reed (Feb 11)
  - Re: Reactive Firewalls John Lines (Feb 12)
  - Re: Reactive Firewalls Rick Smith (Feb 12)
    - Re: Reactive Firewalls Chris Brenton (Feb 13)
    - Re: Reactive Firewalls Rick Smith (Feb 13)
    - Re: Reactive Firewalls Joseph S. D. Yao (Feb 13)
    - Re: Reactive Firewalls Rachel Rosencrantz (Feb 13)
    - Re: Reactive Firewalls Rick Smith (Feb 16)