Firewall Wizards mailing list archives
RE: Intrusion Prevention Firewall
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 16 Apr 2002 10:04:34 -0400 (EDT)
On Mon, 15 Apr 2002, Dave Piscitello wrote:
But this isn't something *new*. Several firewalls do exactly this My WGRD Firebox temporarily blocks hosts according to a DOS and attack signature library, and my Rapidstream can detect basic DOS attacks and tries to mitigate the effects by discarding traffic. I'm pretty certain if I turn on my SonicWall, it has some feature like this.
doesn't this "attack signature library" put the firewall into the DIS/virus scanner category though? Meaning this library has to be maintained and updated regularly to be most effective, and the rules it plays upon has to be regularly maintained to make sure it's not over-reacting to signatures it detects from address space you need to reach out and deal with, like corporate partners, vendor sites and what not? This can be an administrative nightmare and requiring lots of documentation in case you're not there when updates and changes are required can't it? Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Intrusion Prevention Firewall Crispin Cowan (Mar 31)
- <Possible follow-ups>
- RE: Intrusion Prevention Firewall dont (Apr 02)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 03)
- Re: Intrusion Prevention Firewall Gary Flynn (Apr 03)
- RE: Intrusion Prevention Firewall Berny Stapleton (Sydney Technology) (Apr 12)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 16)
- Re: Intrusion Prevention Firewall Mikael Olsson (Apr 16)
- RE: Intrusion Prevention Firewall Dave Piscitello (Apr 16)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 17)
- RE: Intrusion Prevention Firewall Dave Piscitello (Apr 17)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 18)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 03)
- RE: Intrusion Prevention Firewall Mike Shaw (Apr 17)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 05)
- Re: Intrusion Prevention Firewall Gary Flynn (Apr 06)
- Re: Intrusion Prevention Firewall dont (Apr 06)