On Wed, 8 Mar 2000, Security Related wrote:

> I had a couple of ideas to throw out, if they are useless please 
> disregard....
> 
> 1)What about a warning note on some random ports like the "this x is for 
> company x use only. No one else has permission to access this device. blah, 
> blah, blah. Disconnect now!" which would give a better legal position should 
> someone need to be prosecuted for doing something they shouldn't have. 
> Simply initiating a connection to the selected port would pump the message 
> out to them
> (a la -> "NC -l -p x < warningfile.TXT")
> This may already be the norm, I don't know.

This won't work because most people won't even see these messages, and if
they do and they are a legitimate user, it will break the protocol in most
cases to send something that 

You can get away with this in a few services, HTTP, FTP, IMAP, POP because
the client will forward the message to the user. 

If you've got TCP Wrappers, this one is a good one if you deny ftp:

in.ftpd: ALL: twist /bin/echo "400 Access denied from your host. Contact admin"

That's the purpose of twist, but this works on a host-by-host basis and is
terrible for network-wide use.
 
> 2)What about tying up/closing ports during certain hours. Leave ports x,y, 
> and z open during buss hours but close the ones you don't need (say y, and 
> z) during off hours. I don't know if most firewall solutions out there allow 

What about people working from home? Forget it. The only good solution is
to put the entire network into complete lockdown and run VPN for outside
access. Bring outside services in via encrypted sessions. 

-john
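As an added illustration (not code from the thread or from the TCP Wrappers package), a small Python evaluator for the hosts.deny rule syntax John quotes; it assumes the `daemon_list : client_list [: option]` field layout and handles only the subset needed here: ALL, exact names, dotted IP prefixes and domain suffixes, and the twist option. The per-client matching is what makes twist a host-by-host mechanism rather than a network-wide one.

```python
import shlex
from dataclasses import dataclass
from typing import List, Optional

# Hypothetical evaluator for TCP Wrappers access rules; real tcpd does more
# (EXCEPT lists, %-expansions, /bin/sh -c for twist), so this is an approximation.

@dataclass
class Rule:
    daemons: List[str]
    clients: List[str]
    option: Optional[str]

def parse_rule(line: str) -> Rule:
    """Split 'daemon_list : client_list [: option]' into at most three fields."""
    fields = [f.strip() for f in line.split(":", 2)]
    if len(fields) < 2:
        raise ValueError(f"malformed rule: {line!r}")
    option = fields[2] if len(fields) == 3 else None
    return Rule(fields[0].split(), fields[1].split(), option)

def _matches(pattern: str, value: str) -> bool:
    """Wildcard semantics for one daemon or client token."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):        # network prefix, e.g. "192.168."
        return value.startswith(pattern)
    if pattern.startswith("."):      # domain suffix, e.g. ".example.com"
        return value.endswith(pattern)
    return pattern == value

def rule_applies(rule: Rule, daemon: str, client: str) -> bool:
    """True when both the daemon and the connecting client match the rule."""
    return (any(_matches(d, daemon) for d in rule.daemons)
            and any(_matches(c, client) for c in rule.clients))

def twist_command(rule: Rule) -> Optional[List[str]]:
    """argv that the twist option would run in place of the daemon, else None."""
    if rule.option and rule.option.startswith("twist "):
        return shlex.split(rule.option[len("twist "):])
    return None

# The rule from the message above, as a constructed sample input.
DENY_RULE = 'in.ftpd: ALL: twist /bin/echo "400 Access denied from your host. Contact admin"'

if __name__ == "__main__":
    rule = parse_rule(DENY_RULE)
    print(rule_applies(rule, "in.ftpd", "203.0.113.7"), twist_command(rule))
```

Because twist replaces the daemon with the echoed line, the text reaches the user only if the client understands it as a protocol reply; RFC 959 reserves 421 ("service not available, closing control connection") for exactly that purpose in FTP.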


-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]