Re: Question About Firewalls and Hacking
From: Fidelio (bart.simpson_at_springfield.com)
Date: 08/13/04
- Next message: Fidelio: "Re: PIX 515 reloading by itself"
- Previous message: beatnik: "Re: Question About Firewalls and Hacking"
- In reply to: beatnik: "Re: Question About Firewalls and Hacking"
- Next in thread: beatnik: "Re: Question About Firewalls and Hacking"
- Reply: beatnik: "Re: Question About Firewalls and Hacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 13 Aug 2004 10:00:58 +0200
Linux software firewall in a dual ethernet PC and in each PC anti-spyware
software and anti-virus software. This is a solution that could be freeware.
The only problem you will have is day-0 viruses and trojans... then you need
money. I could suggest the instalation at the PCs of host-IDS solution. I'm
sorry but I consider network-IDS systems a complete waste if money.
(I could explain deeply why host-IDS is a good idea and network-IDS is not).
Another recomendation is to use URL filtering systems installed over SQUID
in the Linux firewall to avoid your users to enter in sex/hacking/cracking
web pages.
Regards,
Fidelio
> We want to click anywhere we like and not get infected evne if we know
> this is a trojan. See? Stateful Packet Inspection against any kinf of
> malware would be very safe even if the user deliberately open a infected
> link or attachement.
>
> We must find a way to do this without paying $4500 for hardware firewall
> appliance! :-)
>
- Next message: Fidelio: "Re: PIX 515 reloading by itself"
- Previous message: beatnik: "Re: Question About Firewalls and Hacking"
- In reply to: beatnik: "Re: Question About Firewalls and Hacking"
- Next in thread: beatnik: "Re: Question About Firewalls and Hacking"
- Reply: beatnik: "Re: Question About Firewalls and Hacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
