Re: NBG800 Hackers Test.
From: EricL (Landwehr@national-discount-brokers.com)Date: 10/06/02
- Next message: Duane Arnold: "Re: They can break ZoneAlarm easily !"
- Previous message: : "Re: They can break ZoneAlarm easily !"
- In reply to: NeoSadist: "Re: NBG800 Hackers Test."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Landwehr@national-discount-brokers.com (EricL) Date: 6 Oct 2002 11:44:09 -0700
We have a final solution to the mess.
DO NOT USE THERE DEFAULT MAIL SERVER! It seems they do not maintain
it. We used a sniffer to monitor the smtp packets to and from our
NBG800. No response from their server just drop connects.
We had to set up a small Unix smtp server that will only allow
connections from our customers IP addresses and it works great. The
alarms work on hackers test and even port scans.
I guess we will keep them because of the price.
"NeoSadist" <neos@dist> wrote in message news:<uprs34hu7eqabc@corp.supernews.com>...
> "EricL" <Landwehr@national-discount-brokers.com> wrote in message
> news:91f1b55f.0210040721.60f2d9f0@posting.google.com...
> > Has anyone use the NBG800 Hackers Test and did it work?
> >
> > I just set up 6 of the Sohoware NBG800 firewalls and none of the
> > hackers test or even if I try to simulate a hacker the alarm Email
> > does not work! This does not give my coustomers a good feeling. The
> > concept was that the hacker alarms were to go to a central email
> > account.
> >
> > I also have a NBG800 running for some time and it use to work. It was
> > so good that when I ran some port scans for an outside source I use to
> > get email alarms.
> > Now I don't!
> >
> > I been talking to another company about trading in theses firewalls
> > for another company maybe Gnat? I just need something just like the
> > NBG800.
> >
> > any comments?
>
>
> I dunno. Are you sure you want all your users notified every time someone
> runs a port scan? And the other thing I would ask is, if this is a software
> firewall and it's installed on all the clients, can your users modify its
> settings? I'd say if so, that isn't good.
> This is my opinion: use a central firewall on the server. Make all of it
> centralized, and have one monitoring station with someone watching the
> inbound and outbound 24/7. That's what I would do. I dunno, maybe I say
> this cause I'm military, and every base has a central network control center
> where all internet comes in and goes out, and it's monitored 24/7.
> I really don't know what to tell you. If you're not satisfied with what you
> got, find some other company. However, if the clients are configured DHCP,
> and the server is the only IP that the internet sees from outside, then that
> may be why they don't see any "attacks", since they'd probably all be aimed
> at the server, since that's the only IP they "see".
> Sorry if this email is a waste of your time.
- Next message: Duane Arnold: "Re: They can break ZoneAlarm easily !"
- Previous message: : "Re: They can break ZoneAlarm easily !"
- In reply to: NeoSadist: "Re: NBG800 Hackers Test."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
