[fw-wiz] OWA and Risk Assesment

From: kronos@datastreamcowboys.net
Date: 12/02/02

From: <kronos@datastreamcowboys.net>
To: firewall-wizards@honor.icsalabs.com
Date: Mon Dec  2 07:30:02 2002

Having delt with Exchange the OWA portion can be a nightmare to lockdown. I
have to admitt when my boss decided to go with Citrix and Win RDP my life
got simpler with this issue, Because it ment i only had to have Win RDP and
ICA ports open. I wouldnt want to firewall a OWA set up with a IPtables or
Netfilter set up. The Checkpoint and the like is the way to go.

As for the person who wants in and knows what hes doing this is where risk
assessment comes in. If youre a one man shop just selling stuff you dont
have the risk of someone wanting your data compared to if you are a R&D lab
for a Fourtune 100 company that just developed the next fad. With most
security weather it is encryption or firewall people make mistakes. Look at
Encryption as a deadbolt lock on your front door of your house. The typical
dead bolt has 50 tumblers. This lock is useless if the intruders use a
chainsaw and cut a hole in your wall (which happened a few years ago in
California). Just because you have the biggest baddest security tool on the
market, a minor misconfiguration will have you looking for a new job, with
out a good reference. Also look at the life of your data. If it would be
detramental if it got out today but inconsequential if it does next week,
act according.

Besides risk do research.. Believe 10% of the venders and 50% of
the "hackers". Go to the "hacker sites" and see what tools they have. If
they have a tool for breaking a specific protocol that ups the risk.
Another good reason to check out these is to see what may be run aginst
your firewall. I dont believe any manufactures claims right away. Without
testing, using the tools from "hacker sites" because these are the things
that are going to be run aginst your network.

sorry for the rant...

Adam Graham