Re: [fw-wiz] iso 17799
From: ArkanoiD (ark_at_eltex.net)
To: Dana Nowell <DanaNowell@cornerstonesoftware.com> Date: Tue, 27 Jul 2004 00:48:03 +0400
Yes, finding detailed protocol description is one of the biggest problems.
Too bad i had to rely on reerse enginered data sometimes, but it is
better than nothing..
It would be great to have such info gathered in one place.
On Thu, Jul 22, 2004 at 10:33:34AM -0400, Dana Nowell wrote:
> The stuff I'm talking about is things like, I have to punch a hole through
> a VPN from office A to office B for a protocol I've never seen before. Gee
> I bet with the collective experience of the list, someone else has. I
> COULD search google (try TSE protocol someday), get 40,000 hits the first N
> pages of which are patches, marketing drivel, and unrelated hits, so I have
> to start the 'refine the query' game. OR I could email the list and get N
> hundred private responses or create a thread that 90% of the list isn't
> interested in (like this one by now;). Or we COULD start to collect that
> stuff in one place. Does the technique change, no. I still weigh my
> options and decide if I need the protocol, I still look at alternatives (or
> ask the list). But in the end, whatever I pick, I still need to either buy
> a doo-dad and click a button OR build some firewall rules for a protocol I
> have no clue about.
> I don't like the click and sleep firewall strategy. So I'm going to learn
> about the protocol. I'm not going to take anyone's word exclusively, I am
> going to do my own testing. But I'm not beyond taking a helping hand if it
> is available as a starting point. I'd also like to avoid spending half an
> hour playing 'refine the query' with google.
> OK, I don't like any of my options, so I need to put together a risk memo
> to get the project either cleaned up or canned. So being a newbie, I
> haven't done one before, I'd like a sample. Great, I know this list where
> people probably have hundreds kicking about, I email. No one wants to post
> the doc to the list because it is long and/or not really interesting to the
> bulk of the list, so I get private email. Cool, problem solved, I'm happy.
> Now, enter the next newbie in need of the same sample ...
> So I guess I agree with you, things don't change, and they should. Either
> that or I have this thing for windmills and horses. ;)
> At 06:27 AM 7/22/2004 -0400, Frederick M Avolio wrote:
> >At 07:47 PM 7/21/2004 -0400, Dana Nowell wrote:
> >>IMO, the information is too dynamic. Any book would be obsolete before it
> >>hits the store. We need a dynamic resource that ebbs and flows with the
> >>changes on the net.
> >At the risk of beating a dead horse (or being called a dinosaur --
> >firewall-wizards, January 1999 :-)), the stuff you are talking about does
> >not change. It just gets applied to new situations. I know that sounds
> >unbelievable. But it is true.
> Dana Nowell Cornerstone Software Inc.
> Voice: 603-595-7480 Fax: 603-882-7313
> email: DanaNowell_at_CornerstoneSoftware.com
> firewall-wizards mailing list
> email protected and scanned by AdvascanTM - keeping email useful - www.advascan.com
firewall-wizards mailing list