Re: [fw-wiz] The Death Of A Firewall

From: Pedski (pedski_at_optonline.net)
Date: 10/18/05

  • Next message: Subha Venkataramanan: "[fw-wiz] Traffic Shaping in Fortinet"
    To: James Paterson <jpaterson@datamirror.com>
    Date: Mon, 17 Oct 2005 21:30:12 -0400
    
    

    James Paterson wrote:

    >http://www.securitypipeline.com/165700439
    >
    >Be interesting to get the communities take on this article.
    >
    >_______________________________________________
    >firewall-wizards mailing list
    >firewall-wizards@honor.icsalabs.com
    >http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    >
    >
    >
    This is a model that has holes...
    router acl are not statefull.
    they seem to have some secutiy by means of DMZ
    the managemnt overhead of this is high..sometimes is not that easy
    deploying patches if the vulnerabilty came in the night...meaning if you
    are blocking everything with a firewall you bought yourself some
    time....in this case they are open ...the term raise their immunity to
    exists in hashers condition sounds really nice...but often attacks or
    worms come like a thief in the night......

    there is something flawed with this architecture.
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Subha Venkataramanan: "[fw-wiz] Traffic Shaping in Fortinet"