Re: [fw-wiz] IPv6 support in firewalls

Sure this applies to "receiving documents from outside" case only,
not for internal document flow. BTW, back to the firewalls: are there
any reasonable "whitelists" of sites that use JS, really do need it to
work properly and known to behave well? Looks like every organization
deploying scripting languages control on the firewall creates one
from the scratch, which may be quite long process. I guess there
should be some "annotated template"?

On Wed, Aug 29, 2007 at 12:29:26PM -0400, Paul D. Robertson wrote:

Yes. Most people need Google Documents and Ajax. Actually using Google Documents
is safer than installing local "Office" pack.

That depends heavily on your trust model, document propagation risk and
how valuable the documents themselves are. I'd like to see your strategy
for document protection and recovery from Google Docs for a just-laid-off
employee. I'd like to see you stop them from "sharing" a copy of the
document with themselves at home... While it's not easy to do, you *can*
build an environment where a local office package keeps the documents in a
reasonably controlled environment where employees can't e-mail them
directly, dump them to removable media, etc.

Put the documents on a Web site accessible from anywhere on the planet
with reusable credentials and you pretty-much kill the idea of document
control at all, let alone keeping the honest people honest or a credential
exposure from providing the whole farm instead of just a pig.

firewall-wizards mailing list

Relevant Pages

  • Re: Help with finding hardware firewall that acts like software firewall
    ... level but do not truly control things as per specific program executable. ... They are basically filtering the application data within the packets. ... protection provided by some of the personal firewalls, ... > responsible for using a specific port or ports. ...
  • Accessing systems behind uncontrolled firewall
    ... I want to be able to access these machines via SSH if nothing else. ... Two firewalls are controlled by "the guy upstairs" who was fired for computer services in favor of hiring someone else. ... Hence I have zero control and can open nothing for unsolicited outside connections. ... My general idea is to have the servers I am building open up some kind of a tunnel automatically to my home via SSH, PPTP, IPsec, whatever, and use that to pipe data back and forth. ...
  • Re: [fw-wiz] Isolating internal servers behind firewalls
    ... having servers on a separate segment controlled by ... firewalls segregating segments also common. ... Control which clients connect to which servers on what ports ... If you have proper change control management, this should not be a problem. ...
  • Re: Password vault software
    ... Comodo's firewall is top-rated amongst the free personal firewalls. ... That's because the application aren't running on the router. ... Router firewalls can provide some outbound control, like on protocols, IP or MAC addresses, time of day, IP name/address censoring, etc. ... I saw no mention of app rules (or inclusion of IPS to control what process can call what program to make the connection). ...
  • Re: [fw-wiz] How automate firewall tests
    ... for "patch your software constantly" is proof positive that packet-based ... firewalls don't work except for at a very gross level. ... mainly) don't want intelligent, educated and honest. ... "If fifty million people say a stupid thing, ...