RE: [fw-wiz] Home Environment Cisco

From: R. DuFresne (dufresne_at_sysinfo.com)
Date: 05/30/03

  • Next message: Jeff Newton: "[fw-wiz] Application Intelligence and GotoMyPC"
    To: "Loomis, Rip" <GILBERT.R.LOOMIS@saic.com>
    Date: Fri, 30 May 2003 17:21:15 -0400 (EDT)
    

            [SNIP]

    >
    > I've been using Solaris, Linux, Windows, *BSD, and security
    > appliances for several years too. I would agree with Ben
    > Nagy's recommendation (Cisco 17xx) or Wes Noonan (PIX 5xx),
    > or consider a Netscreen 25. Any of those are probably
    > overkill--but they're all featureful, reliable, and *much*
    > easier to configure in my experience than iptables/pf/ipfilter.
    >
    > I have no issue with advocacy, and I currently use all three
    > of the above $freely-available-packet-filter implementations
    > for Real Work...but I'd prefer we try to answer the question
    > asked with a more appropriate response. Just my suggestion,
    > anyway.
    >

    And yet, prior to the sudden appearance of all the blackbox security
    devices hitting the market in recent years, this was probably one of the
    most common answers to such questions through the early 90's here and on
    the old <defunct?> firewalls list for homeuser options and 'get it up
    quick and cheap' solutions. And, still not too awfully bogus and answer
    in this day and age either. Especially, considering the vast number of
    cheapo boxes that can handle this task without any real bit to the wallet
    in the backside. I was looking at the anything.pc.com website just today,
    and a 450mhz dell box, 65 gig drive, 128 megs ram, and a few other odds
    and ends probably not needed for the task as a fw/router was a mere 175!
    The local wantads almost anyplace can supply something on the same cost
    range for a person. Saves that SUN system at home from being wasted to
    this task, and still comes off cheaper, even adding a monitor and
    keyboard, should they not come with the box, then many of the soho
    solutions offered. Support? irc channels on most any irc network can
    help there, not to mention that those that still remember and use usenet
    has a proliferation of comp.os... groups.

    I was surprised it took as long as it did for that answer to hit the list,
    not long ago it would have been perhaps the first through the tenth or
    more reply...

    Thanks,

    Ron DuFresne

    -- 
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
            admin & senior security consultant:  sysinfo.com
                            http://sysinfo.com
    "Cutting the space budget really restores my faith in humanity.  It
    eliminates dreams, goals, and ideals and lets us get straight to the
    business of hate, debauchery, and self-annihilation."
                    -- Johnny Hart
    testing, only testing, and damn good at it too!
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Jeff Newton: "[fw-wiz] Application Intelligence and GotoMyPC"

    Relevant Pages

    • Re: IRC channels
      ... I need some IRC channels to connect to from my mIRC program in order to ask ... network security ... microsoft windows programming ...
      (Security-Basics)
    • Re: IRC channels related to security
      ... can you give me any tips for IRC channels, related to security in ... vuln-dev and so on. ... Preferably channels located on networks like freenode, ircnet, ...
      (Security-Basics)
    • Re: testing laptop based on bsd anyone
      ... Hopefully it will point at some nice BSD ... I wasn't speaking about the relative strengths of security measures within ... As attacks through web applications continue to rise, ... vulnerability management needs. ...
      (Pen-Test)
    • Re: [fw-wiz] Securing email by inhibiting urls
      ... you should implement a true URL and content filtering service.. ... Security product for web content filtering. ... I do know that we had all of the popular safeguards turned on on the McAfee ... took me personally about 40 hours to get the McAfee appliances working ...
      (Firewall-Wizards)
    • Re: Host-Base Firewall
      ... While hardware security solutions do serve a purpose and do defeat some attacks, they can not solve the human element problem or the evolution problem. ... A while back our research team performed an assessment of several security appliances as a part of an R&D project. ... When we assessed the appliance technology we discovered that the libraries and software that were being used were on average 1-3 years old. ...
      (Security-Basics)