> > Is this your personal Internet or a corporate connection? So you are > seeing "a lot of attacks from Russia and Japan"; are those attacks or just > random probing of your network address space? I wonder why Russian government does not ask Checkpoint & other firewall/IDS vendors for some kind of royalty from sales :) regards, W. > > By implementing a HoneyPot you are pretty much guaranteeing that probes and > possible attacks will continue, if not increase in frequency. So these > intrusions will soak up more and more of your Internet bandwidth. Are you > sure you want to do that to your companies Internet connection. > > Many of the folks out there doing HoneyPot research WHO KNOW WHAT THEY ARE > DOING are establishing new Internet connections, separate from their > corporate connection, to host the honey pot. Remember, the HoneyPot draws > interest and draws them away from other connections. > > I think your intent is good but instead of wasting bandwidth on a honeypot > you should work with your provider to classify this traffic, build better > filters and knock this traffic down before or as it arrives at your > Internet connection. > > Just my $0.02. > > Regards, > > Brian > > > >Date: Mon, 26 Mar 2001 09:28:10 -0500 > >From: "Irony" <[EMAIL PROTECTED]> > >Subject: Netscreen or Watchguard Firebox > > > >Anyone had any experience with either Netscreen or Watchguard Firebox ? > >and does my design appear acceptable ? > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> > > > >I am recently seeing a lot of attacks from Russia and Japan on my > >Gauntlet for NT v5.5. I am not at comfortable that I am getting the > >right degree of protection. I am think about doing the following > > > >Internet -->Router--->Firewall > >A----->HoneyPot----->Gauntlet----->IDS--->Internal Network > > > >Will this work and does it make sense > > > >I am looking for suggestions for Firewall A. I cannot afford > >CheckPoint, > > > >Thank You > > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
