[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: Automagically creating rules
From: Feico Dillema <feico () pasta ! cs ! uit ! no>
Date: 2002-12-14 18:49:21
[Download RAW message or body]
On Fri, Dec 13, 2002 at 12:04:01PM -0500, Jefferson Ogata wrote:
> Feico Dillema wrote:
> >On Fri, Dec 13, 2002 at 11:10:39AM -0500, Jefferson Ogata wrote:
>
> IMHO there are two scenarios where a firewall can be really effective:
Agree with you and won't argue with you on that, but there are other
scenarios where a firewall can be somewhat effective. Maybe not
achieve the same goals, but give some protection.
> Once you start mixing these scenarios -- exposing services on insecure
> intranets -- you've lost the majority of the benefit of either
> configuration. You just need one bozo with an incorrectly configured proxy
> server, and the whole intranet with all its glorious vulnerabilities is
> completely exposed.
Sure, but sometimes that is not the problem that one wants to solve.
Feico.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic