Re: [fw-wiz] About Port Forwarding, Apache and Firewall Rules

From: Paul D. Robertson (paul_at_compuwar.net)
Date: 08/30/04

  • Next message: Paul D. Robertson: "Re: [fw-wiz] About Port Forwarding, Apache and Firewall Rules"
    To: Mark <firewalladmin@bellsouth.net>
    Date: Mon, 30 Aug 2004 08:29:14 -0400 (EDT)
    
    

    On Sun, 29 Aug 2004, Mark wrote:

    > Hi Jim:
    >
    > I think (hope) you were just pointing out the irony of the request by
    > servie_tech. I must confess that I totally overlooked the paradox in the

    It's never wrong to hold the moral high ground, so long as you're not
    being hypocritical. I think it's especially important that firewall and
    network security people hold the moral high ground.

    You can't just say "follow policy" and expect people to do so, you have to
    be an example.

    I also think that anyone naiieve enough to think that their provider can't
    (a) tell they're hosting on a non-standard port and (b) correlate their
    account with an e-mail provider they access from their network, then find
    an admission that the breach of terms of service is intentional should it
    become necessary to do so, is living in a dream world.

    Let's say this server becomes compromised and is then used as either a
    jumping off point to attack other networks, or as a storage point for
    illegal content- the first message in this thread certainly adds
    culpability, don't you think?

    > post itself. However, if I may insert a little something without
    > starting a flame (as I mean no offense) I would like to quote a very
    > famous man from the world's all-time best seller:
    > "He that is without sin among you, let him first cast a stone..."
    > In other words, haven't we all been there done that?

    I can honestly say I've never been there and done that. I pay about two
    to three times the "lowest" price for broadband in my area so that I can
    have a static address, inbound services and terms of service I can live
    with. My employer doesn't pay for my home connectivity either.

    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson "My statements in this message are personal opinions
    paul@compuwar.net which may have no basis whatsoever in fact."
    probertson@trusecure.com Director of Risk Assessment TruSecure Corporation
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Paul D. Robertson: "Re: [fw-wiz] About Port Forwarding, Apache and Firewall Rules"

    Relevant Pages

    • Re: Any free Wi-Fi intrusion detectors? I think my neighbours free-riding!
      ... Try AirSnare... ... Paul wrote: ... > I would rather not pay for one if I could get it free, ... > than those invited come onto my network. ...
      (microsoft.public.windowsxp.general)
    • Re: General
      ... understand the why of the ActiveSync quality issues. ... Paul T. ... We can safely say the ROM upgrade was irrelevant to the problem ... of stuff that interacts with network adapters on your PC. ...
      (microsoft.public.pocketpc.activesync)
    • Re: General
      ... Paul T. ... It sounds to me like there is a problem with the ROM update for your ... of stuff that interacts with network adapters on your PC. ... anti-virus/anti-scripting programs from dozens of vendors, ...
      (microsoft.public.pocketpc.activesync)
    • Re: AD replication IPCONFIG /ALL
      ... Paul Bergson ... It can still talk to two different subnets via your network router. ... Ethernet adapter Local Area Connection 5: ... Connection-specific DNS Suffix. ...
      (microsoft.public.windows.server.active_directory)
    • Re: Dns.GetHostEntry functionality
      ... I maually put in a DNS entry into the device network settings, even though OpenNetCF apis are reporting dns addresses. ... "Paul G. Tobey " <p space tobey no spam AT no instrument no spam DOT ... If you have two PC-type machines, open a MS-DOS window on one of them and try to view the network information for the one whose name you're currently trying to resolve, using the machine name. ...
      (microsoft.public.dotnet.framework.compactframework)