Firewall Wizards mailing list archives
Re: RE: firewall-wizards digest, Vol 1 #1725 - 9 msgs
From: "Paul D. Robertson" <paul () compuwar net>
Date: Wed, 25 Jan 2006 16:42:05 -0500 (EST)
On Wed, 25 Jan 2006, Matthew.Harvey () usdoj gov wrote:
focus on physical security. If I ever told someone that we "didn't need" motion detectors or roving guard checks because our access control was THAT good, I don't think I would have lasted too long. Yes, in an ideal
A lot of us learned that way- however the point you're missing is that you're putting IR sensors tuned out to 300m to guard a bunch of bills secured in a cardboard box in the middle of Times Square on New Years Eve.
world no "bad" traffic can get through a properly configured proxy firewall, BUT the bad guys have imaginations, too! Often better and more evil imaginations that the guys who wrote the protocols and maybe even better than the guy who wrote the proxy (sorry, MJR, but it is possible).
That doesn't change the fact that if you're not doing the basics right then bells and whistles don't improve your overall security posture as much as getting the basics right will. Look at Avishai's study- then tell me that more IDS is the first thing we need, and do it with a straight face. Passive IR is a cool technology, but it sure as heck shouldn't be your first or only line of defense. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." http://fora.compuwar.net Infosec discussion boards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: firewall-wizards digest, Vol 1 #1725 - 9 msgs Matthew.Harvey () usdoj gov (Jan 25)
- Re: RE: firewall-wizards digest, Vol 1 #1725 - 9 msgs Paul D. Robertson (Jan 25)