Firewall Wizards mailing list archives
RE: Automated IDS response
From: ark () eltex ru
Date: Thu, 17 Feb 2000 14:14:09 +0300
-----BEGIN PGP SIGNED MESSAGE----- nuqneH, Robert Graham <robert_david_graham () yahoo com> said :
I mean, with a firewall you've already pre-DoSed your users: you deny them full access to the Internet. How many users can get IRC, ICQ, or even RealAudio through the firewall? How many of your users are complaining they can't traceroute through your firewall? You've already denied them that service.
Hmm, my users can do all that, though i feel unhappy somehow about ICQ - and i am not willing to write a proxy for it just to do not provide false sense of security.. simple relay program passes UDP packets to and from ICQ server, that's all i have (yes, i know it leaks internal addressing info, but THEY do not let me to deny the damn thing completely) Using "personal firewall" thingies like AtGuard on Weendoze workstations as complemetary measure in addition to "main" firewall is probably a good idea also.. _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBOKvYAKH/mIJW9LeBAQEB2gP8DaoaMbfAA6Ylm0USrEYRXpXmaU32mKMO gMlSwNWhdFNOZcEwreGC5Di78NO6NjKwIriQLg+zw5irjwEPrOxAxP/QqHieGf71 4Ntq4bN69enCNonN7M4LmRZ+Ds6nBbGzbZ5mhR78jCaQ5owX+eMAmHJxW6QMLgDC UyP9RXK6ww8= =N4wm -----END PGP SIGNATURE-----
Current thread:
- Re: Automated IDS response, (continued)
- Re: Automated IDS response Michael H. Warfield (Feb 14)
- Re: Automated IDS response Michael B. Rash (Feb 14)
- Re: Automated IDS response Andy (Feb 14)
- Re: Automated IDS response Lance Spitzner (Feb 15)
- Re: Automated IDS response Michael H. Warfield (Feb 14)
- RE: Automated IDS response Robert Graham (Feb 14)
- RE: Automated IDS response Crumrine, Gary L (Feb 15)
- RE: Automated IDS response Marcus J. Ranum (Feb 15)
- Re: Automated IDS response Paul Cardon (Feb 17)
- RE: Automated IDS response Robert Graham (Feb 15)
- RE: Automated IDS response Russ Wolfe (Feb 16)
- RE: Automated IDS response ark (Feb 17)