Firewall Wizards mailing list archives
Re: A fun smackdown...
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Sat, 21 May 2005 00:36:23 +0530
On 20/05/05 11:55 -0400, Chuck Swiger wrote: <snip>
I find this definition to be self-consistent, but lacking, and would argue that security consists of more than just being able to deny stuff really well. Rule #1: Figure out what you are protecting. Rule #2: Figure out what you are protecting against.
Rule #1: Figure out what you are protecting. Rule #2: Determine who should have access to it, how, when and where. Rule #3: Deny everything else. Note the subtle difference.
This includes risk of disclosure, risk of unauthorized access/modification, loss of data, and loss of service availability, etc.Soon after the firewall idea was made known, and after people who weren't clear on the balance of security and utility started getting hold of it, Marcus Ranum introduced his Ultimately Secure Firewall - which does indeed disallow all network traffic. <URL: http://www.ranum.com/security/computer_security/papers/a1-firewall/>Heh...I've passed on two or three times where I wanted to bring up Marcus' wirecutters. :-) But I think the fact that people are buying expensive 1U firewall boxes from vendors rather than making Marcus rich from setting wirecutters proves my point
And quite a few of us have the view that those 1U boxes are simply not being used properly to deny enough traffic. See the common reasons for being listed on the CBL. Devdas Bhagat _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: A fun smackdown..., (continued)
- Re: A fun smackdown... Paul D. Robertson (May 19)
- Re: A fun smackdown... Marcus J. Ranum (May 20)
- Re: A fun smackdown... Chuck Swiger (May 21)
- Re: A fun smackdown... Marcus J. Ranum (May 21)
- Re: A fun smackdown... Chuck Swiger (May 21)
- Re: A fun smackdown... Marcus J. Ranum (May 21)
- RE: A fun smackdown... Bill Royds (May 24)
- Re: A fun smackdown... Joseph S D Yao (May 20)
- Re: A fun smackdown... Chuck Swiger (May 20)
- Re: A fun smackdown... Joseph S D Yao (May 20)
- Re: A fun smackdown... Devdas Bhagat (May 20)
- Re: A fun smackdown... Carson Gaspar (May 20)
- Re: A fun smackdown... Marcus J. Ranum (May 20)
- RE: A fun smackdown... lordchariot (May 21)
- Re: A fun smackdown... Devdas Bhagat (May 19)
- Re: A fun smackdown... Martin (May 20)
- RE: A fun smackdown... Paul D. Robertson (May 19)