Re: [fw-wiz] X server in a Firewall



well, say, yet another a*hole^Wperson walks in and says they deploy a
new application, maybe it is not so bad per se so it should not be
banned, but changing firewall rulesets to make it pass and blocking
everything else that may sneak along may take some time requiring
excessive ruleset changes (hey guys, does your sh*t still work when
i block THIS?)

On Tue, Jan 24, 2006 at 10:23:41PM -0500, Marcus J. Ranum wrote:
> Paul D. Robertson wrote:
> >Indeed, that's why console-only access is the best method.
>
> Indeed; if your firewall rulesets change so often that you find it
> onerous to walk down the hall to the console, then your firewall
> ruleset is changing too often, which probably means you are
> already in a state of screwed.
>
> mjr.
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@xxxxxxxxxxxxxxxxxx
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards