RE: "firewalls are obsolete" rant

["Paul Melson" <pmelson () gmail com>]

-----Original Message-----
Subject: Re: [fw-wiz] "firewalls are obsolete" rant

> I still have to ask why everyone is an admin on their local machine, but
beyond that I'm 
> also wondering why you would spend the extra time and money on an IRC
client/environment at 
> all. If the communications are to be kept within the company, MS provides
free software to 
> do that and you don't have to open it up to the 'Net. Here they install
Messenger on every 
> system. You're not allowed off-network and can only add users from AD.

Except if they're local admin, they can definitely change that.  And unless
you've fully investigated the issue, I'd wager you've got at least a couple
of people using MSN to talk outside your network.  Feel free to use my
one-off Snort rule to check and see:

alert tcp $HOME_NET any -> $EXTERNAL_NET 80 (msg:"LOCAL CHAT Possible HTTP
MSN Messenger Activity"; content:"application/x-msn-messenger"; flags:A+;
classtype:policy-violation; priority:2; rev:2;)


> IRC isn't all that efficient at sharing ideas anyway - can't see how
anyone could make a 
> business case for it.

The argument for IRC that prevailed here boiled down to "it's the only way
to communicate with X."  To which, several people responded, "Should we rely
on them, then, if we can't call or e-mail them?"  And somehow it was
concluded that we should because according to someone, X was the only party
that could provide what we were looking for.  Not our finest hour, but not a
disaster, either.

PaulM

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards