Re: How automate firewall tests

["R. DuFresne" <dufresne () sysinfo com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 18 Aug 2006, Keith A. Glass wrote:

> Marcus J. Ranum wrote:
> > Durga Prasad wrote:
> >
> > > There are couple of tools which test if a firewalling is leaking any 
> > > packets.
> >
> > People still rely on packet-based firewalls??!!! You're joking, right? It's 
> > 2006!
> Well. . .we packet-filter at the border routers and switches prior to the 
> border firewall to take some of the load off. . .but then ALL our routers are 
> set to packet filter as an additional security measure. . .

It might amaze a number of folks to learn how uncommon this setup is these 
days.  Afterall the routers are for routing, and  the switches are for 
switching, and the new FW appliance with built in anti-viri and IDS.IPS 
abilities does it all!

Thanks,

Ron DuFresne
- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE61+Ist+vzJSwZikRAnL0AKCC+tFg5utvH2VCQHlUV4v+cD3SwwCfe/h6
3KJRmnqZQzSpYW/j+JdB0r4=
=mdDq
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards