Hi Shawn:
Do you have a corporate security policy?
If you're trying to install firewalls without an agreed security policy in
place, then you're going to end up banging your head against the wall like
this.
However, here's ammunition for you: - ask that arse-half of a HOD what is
his opinion on any of the following matters:
1. The PDC is compromised and a competitor gets access to
confidential information stored on the unprotected network.
2. The web servers are compromised and contents are removed or
altered.
3. Historical data on the SQL server is modified over the course
of a few months, making the backups useless.
4. The possibility of lawsuits due to the disclosure of confidential
information.
5. The financial impact of having one or more of the system down
for several days, due to hacking.
I could go on and on... :-)
Brian Steele
----- Original Message -----
From: "Shawn Savadkohi" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 27, 2000 2:17 PM
Subject: Hey, I DON'T WANT a firewall in front of my network!
> Forgive me for the blunt subject heading, but unfortunately this is a
reality I'm facing in my organization.
>
> I'm a network administrator new to firewalls and the list. Like so many
other organizations, we have a router linking us to the Internet which until
recently went unfiltered. I've successfully deployed a couple firewall
devices to change this, but my advances in securing our private network
haven't been met with cheers ("Hey, why can't I get my RealAudio streams
anymore!"). In particular, there is one department head who holds the
sentiment I shared in the SUBJECT line. This person insists on keeping
their segment firewall-free, with public IP addresses on workstations and
servers alike.
>
> Having been unsuccessful on my own, I'm seeking advice on how I can
persuade this dept head their machines are at risk. Remember I'm dealing
with a non-technical member of management who would gloss over at responses
describing DoS, Land attacks, SYN flooding, Bonk/Boink, port scans, etc.
> Real-life episodes of successful hacking I imagine will work well. And
accept my "Thanks, but no thanks" in advance if you'd like to offer a
demonstration!
>
> At the risk of exposing too much, let me briefly describe what services
are unprotected: two (2) HTTP servers, one (1) SQL database server, and an
NT box that's the PDC for that segment.
>
> Thanks for your responses.
>
> -Shawn
>
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
