So,
We've rediscovered the fact that the majority of proxy-based firewalls for
anything but a few well known protocols are probably not much better than
packet filters, and we've ranted about how this is bad.
Is it the job of the industry to protect us from poor IT management or poor
IT consultants? If a company takes a considered risk assessment and says
"Well, bugger it. I have bucket loads of insurance and I _want_ to run ICQ
to every host on my network" then isn't it the job of firewall vendors to
let them? At the end of the day, the customer is the customer, and they need
to make their own decisions about how stupid they want to be.
Where does the problem lie? Why is it that so few people in the "real world"
are aware of security issues, or are prepared to take them seriously?
Sometimes I don't know if all of us security guys are just paranoid freaks
or if the industry at large are starry-eyed lambs romping into the big happy
safe Internet which is there for the good of all. Doesn't writing firewall
software that won't let you do things because in the opinion of firewall
vendors "that's bad" sound wrong to you guys?
I mean, I'm all there in terms of agreeing that too many sites are
completely deluded about security, and I concede the very valid point that
the new boom in firewalls for the masses has probably contributed to this. I
think the biggest problems we have are lack of expertise - there aren't
enough security people with a clue - and lack of acceptance - nobody is
prepared to take security seriously enough to spend some money on it. Now
either we can try and encode this knowledge in some cool new product, or we
can try and raise awareness of security, increase the demand for it and
eventually get more security professionals. I just can't see the growth of
the Internet giving us time to do it.
And yeah, I know this is a big fuzzy post which doesn't actually talk about
anything real. I'm just laying bait. 8)
--
Ben Nagy
Network Consultant, CPM&S Group of Companies
Direct Dial: (08) 8422 8319 Mobile: (0414) 411 520