Firewall Wizards mailing list archives
Re: Ok, so now we have a firewall, we're safe, right?
From: Chris Blask <chris () blask org>
Date: Tue, 31 May 2005 18:42:07 -0400
Hey Carson! At 09:48 PM 5/30/2005, Carson Gaspar wrote:
--On Monday, May 30, 2005 12:18:05 PM -0400 "Paul D. Robertson" <paul () compuwar net> wrote:If ever there were a wakeup call for people to start analyzing their firewall logs, this is it- nobody at any of the companies involved figured this out due to firewall logs, an author figured it out because their unpublished book was leaking.Huh? Their firewalls allowed executable attachments to be delivered from unknown sources to people uneducated enough to click on them. Said firewalls failed. Examining the logs may have alerted them sooner, but that's closing the barn door long after the horses have escaped and trampled the children.
Well, it depends.Finding the horses loose in the yard, shutting the gate and getting them back in their stalls may occur while causing nothing worse than some property damage and a vet bill. Not *noticing* that the horses have gotten out, destroyed the foundation of the ranch house and killed the children until someone mentions they haven't seen them in school for three months - that's a measurably worse outcome.
The data and operational ability is there to give visibility into network activity - it's just a Very Large Numbers problem (but so are Large Primes, and we just keep building bigger gear to handle it). Products exist to do this today, just not many people are using them yet.
That sort of capability doesn't solve all the world's problems, but it makes a lot of things clearer.
-cheers! -chris Chris Blask chris () blask org http://blaskworks.blogspot.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Ok, so now we have a firewall, we're safe, right?, (continued)
- Re: Ok, so now we have a firewall, we're safe, right? Fritz Ames (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Paul D. Robertson (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Marcus J. Ranum (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Roel Jonkman (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Paul D. Robertson (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Fritz Ames (May 31)
- RE: Ok, so now we have a firewall, we're safe, right? Tina Bird (May 31)
- RE: Ok, so now we have a firewall, we're safe, right? Chris Blask (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Chris Blask (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Paul D. Robertson (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Chris Blask (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Paul D. Robertson (May 31)
- Re: Ok, so now we have a firewall, we're safe, right? Paul D. Robertson (May 31)