On 10 Aug 99, at 14:39, Michael Kelley wrote:

>  The decision has been made to use a PIX <sp?> firewall. I'm told these
> are some fairly stout devices and darned near impenetrable.
>  What I'm looking for is personal opinions regarding this device. I
> understand it has logging capabilities and is configurable (I'm told
> it's a bitch to configure).

  It can be configured to dump pretty complete activity reports, via syslog, 
to whatever other machine(s) you want to have receive them.

>  I'm making a big deal out of describing how an unwitting user can bring
> down a virus by grabbing the latest whack-a-mole game. (We use Inoculan,
> so I'm not really that worried about viri on the network.) I am of the
> opinion that if we begin with a drastic, "don't you dare go to Persian
> Kitty", style of internet policy, it will be somewhat easier to maintain
> productivity and reduce risks to the network. 

  One of the things the PIX can log is visited URLs -- sort of.  As I recall, 
we were only able to obtain these for port 80 (standard HTTP), not for 443
(HTTPS), 8080, 1080, 9800 or any of the host of other semi-common alternate 
HTTP ports.  Seems to me the data was also often truncated, so that while we 
could always read the IP address of the server, we couldn't always be certain 
of the site/URL hosted there....


David G