Re: [fw-wiz] Benefit of firewall over NAT-only 'protected' network

From: Frank Knobbe (fknobbe_at_knobbeits.com)
Date: 05/31/03

  • Next message: Brian Ford: "Re: [fw-wiz] Home Environment Cisco" 
    To: Chuck Swiger <chuck@codefab.com>
Date: 30 May 2003 22:43:53 -0500

    On Thu, 2003-05-29 at 16:38, Chuck Swiger wrote:
    > > Perhaps we need to start thinking in less selfish terms. When designing
    > > firewall policies, we need to keep not only our own security in mind,
    > > but also that our of fellow Internet users. At least, be aware that you
    > > are sending data out in return for receiving data in...
    >
    > There is nothing wrong with being selfish. People should determine what they
    > feel is in their own self-interest, and work towards their own goals, without
    > any apologies or guilt. It's often possible to act purely out of self-interest
    > yet perform actions which benefit others as well as just yourself. Given the
    > choice, I prefer to be in situations where what I would do for my own selfish
    > benefit is the same as or similar to what I would do for the benefit of others.

    Maybe "selfish" was a wrong choice of words. My point was that we should
    not only consider how others affect us (security-wise), but also how we
    affect others.

    One example could be performing virus scans not just on inbound, but
    also on outbound emails. It aligns with your thought in above paragraph.
    It could be seen as a selfish act of avoiding embarrassment when an
    internal user catches an email virus and starts sending out emails. But
    it also keeps viruses in your mail system from infecting others on the
    Internet.

    Regards,
    Frank

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Brian Ford: "Re: [fw-wiz] Home Environment Cisco"
    • Quantcast