Firewall Wizards mailing list archives
Re: SANS Top Ten and Commercial Firewalls
From: Kevin Steves <stevesk () pobox com>
Date: Wed, 2 Oct 2002 18:35:44 -0700
On Wed, Oct 02, 2002 at 08:59:39PM +0000, manatworkyes moderator wrote:
For example : W1,W2 are controlled with their Smart Defense. U2 , including the Slapper worm, can also be mitigated if you only allow SSLv3 based traffic to your servers. (requires some INSPECT work over tcp/443) You skipped W4 which can be controlled using CIFS rules. In this way, only authenticated users can access defined network shares (so here goes W5 as well) They have code to check the bind vul. as well etc. In my opinion, as a SECURITY device they are the best (Still, they can do more. For the client side, it is possible to use the personal firewall and SCV checks. This verifies pre-defined rules that if not matched, the user will not be able to get into the VPN. A check can be to look for specific registry settings, or specific IE settings etc. So, to make this short (unlike you I'm lazy:-) In my opinion they cover about everything.
The question is how many were covered "before" they were known vulnerabilities? That is the holy grail for the IDS crowd. And if your inbound policy would permit an attack, why wait for the firewall vendor to add a signature instead of patching or blocking access? _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: SANS Top Ten and Commercial Firewalls, (continued)
- Re: SANS Top Ten and Commercial Firewalls Paul Robertson (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls m p (Oct 03)
- Re: SANS Top Ten and Commercial Firewalls Ryan M. Ferris (Oct 03)
- Re: SANS Top Ten and Commercial Firewalls Kevin Steves (Oct 03)
- Re: SANS Top Ten and Commercial Firewalls George J. Jahchan (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls ark (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls Paul D. Robertson (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls ark (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls Paul D. Robertson (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls Paul D. Robertson (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls Kevin Steves (Oct 03)
- Re: SANS Top Ten and Commercial Firewalls Gary Flynn (Oct 03)
- Re: SANS Top Ten and Commercial Firewalls Paul D. Robertson (Oct 04)
- Re: SANS Top Ten and Commercial Firewalls Gary Flynn (Oct 04)