10 Gbps firewall.. sure... distributed firewalls.. multiples... There certainly are companies running such...
The point about it being an open network for innovation is a big deal considering it is indeed open and subject to all the tortures... Perhaps the firewall type ideas could be used defensively to insulate when things like this do occur... A reactive measure... I agree about the UDP on production being unnecessary.... Actually, a lot of networking should be cut and pure IP only I believe....

-paris
Paris Lundis
Founder
Areaindex, L.L.C.
http://www.areaindex.com
http://www.pubcrawler.com
412-292-3135
[finding the future in the past, passing the future in the present]
[connecting people, places and things]

-----Original Message-----
From: Jochem van Dieten <[EMAIL PROTECTED]>
Date: Mon, 27 Jan 2003 11:19:54 +0100
Subject: Re: SQL Worm

> Paris Lundis wrote:
> > A good summary Jochem would be for folks to tune the firewall and
> > ensure permissions/allowable IP list...
>
> Since when can you even buy a 10 Gbps firewall?
>
> > In your environment you point out the user base... 8000... agreeable...
> > large base for things...
> >
> > Tune the firewall and restrict traffic there ... allowing like port 80
> > in and out disabling all other services and ports, except those in a
> > defined list of authorized servers...
>
> All 8000 systems are authorized servers. About 65525 of 65536 ports are
> authorized ports. You can't firewall a production network where the
> product is (supposed to be) innovation.
>
> I think we have had this discussion last week already, but firewalls are
> not the answer to all problems. Sure, properly secured firewalls on
> machines running MS SQL Server would have prevented this issue (at
> least, nobody has convinced me that UDP should be allowed to a
> production server at all). But there are always other scenarios where
> a firewall would not help. In the end, vigilance on all the aspects of
> security is the only way to make sure problems like this worm don't
> cause a total meltdown of the internet.
>
> Jochem