shawn,

consider reading this book:

title: Intrusion Detection
author: Rebecca Bace
publisher: Macmillan Technical Publishing
ISBN: 1-57870-185-6

it's kind of dry, but it's handy for convincing upper management of security
threats. the author, rebecca bace, was an employee of the NSA where she led
the computer misuse and anomaly detection (CMAD) research program for six
years. she's not particularly into telling you how to protect your network;
it's more for knocking around your CIO with, by giving pointers for infosec
issues, details on legal issues, and stuff like that. interesting reading.

enjoy,
matt

--
SAIC engineer guy -- yadda, yadda, yadda . . .

-----Original Message-----
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
On Behalf Of Shawn Savadkohi
Sent:   Thursday, January 27, 2000 1:17 PM
To:     [EMAIL PROTECTED]
Subject:        Hey, I DON'T WANT a firewall in front of my network!

Forgive me for the blunt subject heading, but unfortunately this is a
reality I'm facing in my organization.

I'm a network administrator new to firewalls and the list.  Like so many
other organizations, we have a router linking us to the Internet which until
recently went unfiltered.  I've successfully deployed a couple firewall
devices to change this, but my advances in securing our private network
haven't been met with cheers ("Hey, why can't I get my RealAudio streams
anymore!").  In particular, there is one department head who holds the
sentiment I shared in the SUBJECT line.  This person insists on keeping
their segment firewall-free, with public IP addresses on workstations and
servers alike.

Having been unsuccessful on my own, I'm seeking advice on how I can persuade
this dept head their machines are at risk.  Remember I'm dealing with a
non-technical member of management who would gloss over at responses
describing DoS, Land attacks, SYN flooding, Bonk/Boink, port scans, etc.
Real-life episodes of successful hacking I imagine will work well.  And
accept my "Thanks, but no thanks" in advance if you'd like to offer a
demonstration!

At the risk of exposing too much, let me briefly describe what services are
unprotected: two (2) HTTP servers, one (1) SQL database server, and an NT
box that's the PDC for that segment.

Thanks for your responses.

-Shawn

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]



