Re: A poor man's activity check :)

From: Chris Severance (severachAatThotmail.DOT.NOSP@M.DOT.com)
Date: 01/09/02 

From: Chris Severance <severachAatThotmail.DOT.NOSP@M.DOT.com>
Date: Wed, 09 Jan 2002 02:13:53 -0500

On 8 Jan 2002 17:55:18 GMT, Juergen Nieveler <juergen.nieveler@web.de>
wrote:

>"Frank S" <fsexton@qwest.net> wrote in
>news:3KB_7.193703$m05.16538274@bin5.nnrp.aus1.giganews.com:
>
>> Now that you have learned that there is no need for a firewall, why do
>> you hang around this newsgroup?
>
>Who ever said that this group is for "Personal Firewalls" only?
>
>NETWORK Firewalls are very usefull, because they limit access from
>one network to another network, and can prevent unauthorized access
>from the Internet to ressources available in your Network.

Network firewalls are better because they cannot be circumvented and
are generally hardened to compromise. They are also good because they
provide fair protection for even the least knowledgable in your
organization.

While it's true that a personal software firewall is easily
compromised, this requires 3 things.

*An antivirus that doesn't have the signature
*A firewall that isn't hardened to the incoming exploit
*A user that can't tell the difference between a virus and Anna K's
naked body

Given that most companies interested in security can do #1 and #2 and
they probably have some guidelines regarding #3, there is a use for
personal firewalls.

The best use of course is in the hands of a techie who knows what it
means when the firewall pops up some message about a bad program
trying to contact a bad site. This means that software firewalls won't
be of a lot of use until they are done in Enterprise fashion where
they contact a central server for authorization. That way when Joe Bob
IT staffer gets 26,000 messages that AnnaK is trying to contact
address 1.2.3.4, he simply reaches over and unpluggs the internet then
proceeds to clean up the mess.

Then he wonders why 96.8% of everyone in his organization wanted to
see the picture as he remembers that some of that includes women. All
that blackmail is worth a pretty big raise.

Relevant Pages

  • RE: Firewalls (was Re: IDS evaluations procedures)
    ... firewalls will work much better than network firewalls, ... God know that if there existed brain based personal firewalls, ... So far, most host based solutions I've seen are not ...
    (Focus-IDS)
  • Re: Sygate Personal Firewall PRO 5.0
    ... We use both network and personal firewalls here. ... Both are important in any realistic security solution. ...
    (comp.security.firewalls)
  • RE: [fw-wiz] Firewalls v. Router ACLs
    ... people to take in consideration in network design and layout. ... here and the old firewalls list often emphasized an approach that avoided ... The logging alert features alone turn this layer into a IDS as ... > An appropriately sized router will not have any performance problems. ...
    (Firewall-Wizards)
  • [fw-wiz] IDS/IPS and LOGS
    ... nasty behavior is happening on your network (where your network is ... easily turn your IPS into a big denial of service attack. ... My guess is that most of the Worlds firewalls and IDS/IPS only have half ... I noticed that there is a big emphasis on log parsing while there should ...
    (Firewall-Wizards)
  • Re: Establish persistant outbound connection for covert application
    ... which firewalls are running etc.) and then communicate its ... the actual network layer. ... They do have 2 network interfaces in case I want to chain them between a PC ... They also have a wireless interface so I can hook into the machine if I am ...
    (Security-Basics)