Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Botnets, IRC servers and firewalls?

From: "Mordechai T. Abzug" <morty () frakir org>
Date: Mon, 2 Feb 2004 21:51:08 -0500
On Mon, Feb 02, 2004 at 09:35:18PM -0500, Marcus J Ranum wrote:


No. Firewalling is only an arms race if you want to have a high
degree of connectivity and want to believe that your firewall
is actually doing something. Security == C / connectivity, where
C is an unknown but small constant.


I've often heard the argument that security and connectivity are
inversely proportional.  IMHO, the problem with it is that
availability is supposed to be part of security.  A firewall that is
"so secure" that it breaks connectivity/availability isn't secure at
all; it's a self-DOS.

- Morty
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: