Re: [fw-wiz] Botnets, IRC servers and firewalls?

From: Paul Robertson (proberts_at_patriot.net)
Date: 02/03/04

  • Next message: Dave: "Re: [fw-wiz] Multiple world connections into PIX"
    To: "Mordechai T. Abzug" <morty@frakir.org>
    Date: Mon, 2 Feb 2004 22:18:16 -0500 (EST)
    
    

    On Mon, 2 Feb 2004, Mordechai T. Abzug wrote:

    > I've often heard the argument that security and connectivity are
    > inversely proportional. IMHO, the problem with it is that
    > availability is supposed to be part of security. A firewall that is
    > "so secure" that it breaks connectivity/availability isn't secure at
    > all; it's a self-DOS.

    Only if the connectivity it breaks is allowed by the security policy, and
    the security policy needs to relect the business need for connectivity.

    I've yet to see a business need for BotNet clients to run successfully ;)

    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson "My statements in this message are personal opinions
    proberts@patriot.net which may have no basis whatsoever in fact."
    probertson@trusecure.com Director of Risk Assessment TruSecure Corporation
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Dave: "Re: [fw-wiz] Multiple world connections into PIX"

    Relevant Pages

    • Re: automating trust of assembly keys
      ... > Paul - ... there are managed APIs for changing security policy (look at ... >> internet zone as well as the intranet zone. ... >> Is there a straightforward way of doing this in an installation project ...
      (microsoft.public.dotnet.security)
    • Re: [fw-wiz] Firewalls Compared
      ... How well do the boxes implement my proposed security policy. ... replied "I tried to deploy your product with authentication on, ... Paul D. Robertson "My statements in this message are personal opinions ...
      (Firewall-Wizards)