Ask him how long he can afford to have his servers down (money talks).
Also, ask him if he is prepared to answer to the CIO/CEO of the company when
he's questioned on why his network segment was shut down because he's an
incompentent bonehead.
Cheers,
Dennis Keller
Network Security Administrator
DDSP-Z
email: [EMAIL PROTECTED]
> -----Original Message-----
> From: Shawn Savadkohi [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 27, 2000 1:17 PM
> To: [EMAIL PROTECTED]
> Subject: Hey, I DON'T WANT a firewall in front of my network!
>
>
> Forgive me for the blunt subject heading, but unfortunately
> this is a reality I'm facing in my organization.
>
> I'm a network administrator new to firewalls and the list.
> Like so many other organizations, we have a router linking us
> to the Internet which until recently went unfiltered. I've
> successfully deployed a couple firewall devices to change
> this, but my advances in securing our private network haven't
> been met with cheers ("Hey, why can't I get my RealAudio
> streams anymore!"). In particular, there is one department
> head who holds the sentiment I shared in the SUBJECT line.
> This person insists on keeping their segment firewall-free,
> with public IP addresses on workstations and servers alike.
>
> Having been unsuccessful on my own, I'm seeking advice on how
> I can persuade this dept head their machines are at risk.
> Remember I'm dealing with a non-technical member of
> management who would gloss over at responses describing DoS,
> Land attacks, SYN flooding, Bonk/Boink, port scans, etc.
> Real-life episodes of successful hacking I imagine will work
> well. And accept my "Thanks, but no thanks" in advance if
> you'd like to offer a demonstration!
>
> At the risk of exposing too much, let me briefly describe
> what services are unprotected: two (2) HTTP servers, one (1)
> SQL database server, and an NT box that's the PDC for that segment.
>
> Thanks for your responses.
>
> -Shawn
>
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
