Re: [fw-wiz] A fun smackdown...

From: Devdas Bhagat (devdas_at_dvb.homelinux.org)
Date: 05/19/05

    To: firewall-wizards@honor.icsalabs.com
    Date: Fri, 20 May 2005 02:53:58 +0530
    
    

    On 19/05/05 09:04 -0400, Paul D. Robertson wrote:
    > On Tue, 17 May 2005, Martin wrote:
    >
    > > "Be liberal in what you accept; be strict in what you send."
    >
    > _All_ effective security controls break that tenet. The more liberal your
    > controls, the more risk you assume.

    Unless your control is a proxy, which must accept all kinds of crap, and
    send only a strictly validated subset to the client.

    The default application of the RFC791 quote is to outbound traffic from your
    network, but nothing says that it cannot be applied the other way round.

    In general, I agree with you though.

    Devdas Bhagat
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

