Firewall Wizards mailing list archives
RE: Re: tcpdump on my firewall
From: <hesselsp () ashaman dhs org>
Date: Sun, 28 Oct 2001 17:41:18 -0500 (EST)
On Sun, 28 Oct 2001, R. DuFresne wrote:
One quick question, if the OS the fw runs on is sun based, do you make sure snoop is removed also?
snoop isn't on my solaris image. I haven't had anyone ask for it either though. If/when they do, I will tell them no. If/when they demand it I will have to read through all these emails again trying to find a reason why it should not be there. It isn't a perfect policy, but its what I have... and it has worked so far.
Opps, make that two quick questions, the second being, if you have no account on the fw at all, who monitors or audits the system to make sure it is policy compliant?
In the future, when audits are done of the system, any software which is not supposed to be there will be caught. I honestly trust the techs that administer them though; how can you not trust the person you are relying on to administer your firewall? (rhetorical question)
Thanks, Ron DuResne
--Paul _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- tcpdump on my firewall hesselsp (Oct 26)
- Re: tcpdump on my firewall Jose Nazario (Oct 26)
- Re: tcpdump on my firewall Frederick M Avolio (Oct 26)
- Re: tcpdump on my firewall Chad Schieken (Oct 27)
- RE: Re: tcpdump on my firewall hesselsp (Oct 28)
- RE: Re: tcpdump on my firewall R. DuFresne (Oct 28)
- RE: Re: tcpdump on my firewall hesselsp (Oct 28)
- Re: tcpdump on my firewall Chad Schieken (Oct 27)
- Re: tcpdump on my firewall hermit1 (Oct 27)
- Re: tcpdump on my firewall Barney Wolff (Oct 28)
- <Possible follow-ups>
- RE: tcpdump on my firewall Ames, Neil (Oct 26)
- RE: tcpdump on my firewall J B (Oct 27)
- Re: tcpdump on my firewall Matthew Jach (Oct 29)
- Re: tcpdump on my firewall Brian Ford (Oct 31)