Re: IPv6 support in firewalls

["Fetch, Brandon" <bfetch () tpg com>]

Not really an "approved" business use, but I learned the hard way that
Yahoo Fantasy Sports (yeah, yeah...tell me about it later...) requires
the use of JS.

:(

I was using a prolific hosts file to block a whole lot of ad content
from operators and ended up having to remote the pair of
js1/js2.yahoo.com resolutions to get their newest version to work.

Sad but true...JS has now invaded fantasy football!

-Back to lurk mode
Brandon

-----Original Message-----
From: firewall-wizards-bounces () listserv icsalabs com
[mailto:firewall-wizards-bounces () listserv icsalabs com] On Behalf Of
ArkanoiD
Sent: Wednesday, August 29, 2007 1:01 PM
To: Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] IPv6 support in firewalls

Sure this applies to "receiving documents from outside" case only,
not for internal document flow. BTW, back to the firewalls: are there
any reasonable "whitelists" of sites that use JS, really do need it to
work properly and known to behave well? Looks like every organization
deploying scripting languages control on the firewall creates one
from the scratch, which may be quite long process. I guess there
should be some "annotated template"?

On Wed, Aug 29, 2007 at 12:29:26PM -0400, Paul D. Robertson wrote:
> > Yes. Most people need Google Documents and Ajax. Actually using
Google Documents
> > is safer than installing local "Office" pack.
>
> That depends heavily on your trust model, document propagation risk
and 
> how valuable the documents themselves are.  I'd like to see your
strategy 
> for document protection and recovery from Google Docs for a
just-laid-off 
> employee.  I'd like to see you stop them from "sharing" a copy of the 
> document with themselves at home...  While it's not easy to do, you
*can* 
> build an environment where a local office package keeps the documents
in a 
> reasonably controlled environment where employees can't e-mail them 
> directly, dump them to removable media, etc.
>
> Put the documents on a Web site accessible from anywhere on the planet

> with reusable credentials and you pretty-much kill the idea of
document 
> control at all, let alone keeping the honest people honest or a
credential 
> exposure from providing the whole farm instead of just a pig.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


This message is intended only for the person(s) to which it is addressed 
and may contain privileged, confidential and/or insider information. 
If you have received this communication in error, please notify us 
immediately by replying to the message and deleting it from your computer. 
Any disclosure, copying, distribution, or the taking of any action concerning
the contents of this message and any attachment(s) by anyone other 
than the named recipient(s) is strictly prohibited.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards