Hi all
> >I'd say that the definition is actually closer to "A firewall is a system
> >or collection of systems designed to enforce a security policy."
>
> That's an acceptable one too. After all, there's enough space in this
> world to
> make everyone happy.
>
Actually, this is probably the only definition that can be made to apply to
all of the variations that exist. It is, of course, much too general for the
pointy-haired (can anyone tell me where that expression comes from,
incidentally?).
> Note however that our definitions are not the most used in this world. The
> most
> used definition is: a firewall is a system that enables some companies to
> adequately earn money by selling inadequate solutions to inadequate users
> at inadequate prices, and then selling inadequate maintenance...
>
Heh heh heh, good one there! :-) I like that, I'll keep this mail for
reference.
> >If your security policy states "anything can get into our network, as
> >long as we know what it is, so that we can manually counter attacks
> >later on", your "firewall" could consist of packet sniffers placed
> >at all points of contact with other networks (such as the Internet).
>
Sounds like what a fair amount of people refer to as IDS, or am I mistaken?
> >By the way, this is the kind of firewall that I like. Separate
> >machines are great. I spit in the face of all do-everything-on-the-
> >same-machine type guys! Pah! :) :)
>
> yes, it is hardly understandable to see people seeking a single host to do
> everything (how many customers have I heard who wanted the http proxy to
> do
> caching.
>
OK, then we're three and counting. Anyone else feel like joining in?
> and when the answer was not, the next question was "can I install squid on
>
> the firewall".
> I still don't know if the right answer is "yes, you can even install
> windows", or is it
> "no, but we can do that for you, for a few $1000"?), when the internet
> itself is about
> using multiple hosts to do anything.
>
Question: what are the preferred WWW proxies for placement within a DMZ?
Greets
Tobias
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
