Full Disclosure mailing list archives
RE: Sidewinder G2
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Thu, 20 Nov 2003 10:24:40 -0600
-----Original Message----- From: Ron DuFresne [mailto:dufresne () winternet com] Sent: Thursday, November 20, 2003 9:21 AM To: Schmehl, Paul L Cc: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Sidewinder G23) What happens when Sidewinder fails? Does it fail open?If it does(and it should), is their version of sendmail stillprotected? Or isit sitting on the Internet bare-ass naked, waiting to be 0wn3d?it should fail "closed", preventing any traffic from passing, otherwise you have a door stop.
Maybe your network policy states that, but I would prefer for single point of failure devices to fail open, rather than closed. For us, network availability is a higher priority than protection is. If the firewall fails, I don't want the entire network down while we're waiting for a vendor to fix it. I'd be surprised if most networks aren't that way. Now, if it's something really critical *inside* the network that is protected by a firewall, then you might want it to fail closed, but at the edge? Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Sidewinder G2, (continued)
- RE: Sidewinder G2 Ron DuFresne (Nov 20)
- RE: Sidewinder G2 Mike Fratto (Nov 20)
- RE: Sidewinder G2 Ron DuFresne (Nov 25)
- RE: Sidewinder G2 Mike Fratto (Nov 18)
- RE: Sidewinder G2 Michal Zalewski (Nov 19)
- Re: Sidewinder G2 Valdis . Kletnieks (Nov 18)
- Re: Sidewinder G2 Michael Gale (Nov 18)
- Re: Sidewinder G2 Shawn McMahon (Nov 20)
- Re: Sidewinder G2 Michael Gale (Nov 20)
- RE: Sidewinder G2 Ron DuFresne (Nov 20)