-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: jeudi 28 juin 2001 01:16
To: [EMAIL PROTECTED]
Subject: Firewalls digest, Vol 1 #52 - 9 msgs
Send Firewalls mailing list submissions to
[EMAIL PROTECTED]
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.gnac.net/mailman/listinfo/firewalls
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Firewalls digest..."
Today's Topics:
1. Re: Managed Service Providers (Ron DuFresne)
2. Re: Managed Service Providers ([EMAIL PROTECTED])
3. Re: Managed Service Providers (Zachary Uram)
4. Re: Managed Service Providers (Ron DuFresne)
5. Re: Managed Service Providers (Ron DuFresne)
6. Re: Managed Service Providers (Greg Sheard)
7. RE: Managed Service Providers (Hank Wethington)
8. Research information (Hank Wethington)
9. Re: Managed Service Providers ([EMAIL PROTECTED])
--__--__--
Message: 1
Date: Wed, 27 Jun 2001 16:27:21 -0500 (CDT)
From: Ron DuFresne <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Managed Service Providers
smoke and mirrors has been one of the issues with managed service
providers and especially managed security providers for sometime. Just
becuase they may sell you a service for IDS does not mean alot if the
IDS
is setup on the exterior of the network and they are constantly alerting
you and your staff of 'intrusion detections' 30-500 times a day. In
fact,
it tends to devalue such 'warnings' to the point folks tend to just
start
routing those reports to the trash bin. Thourough reading of contracts
in
such outsourcing aggreements is a must, as well as *understanding* what
those contracts are really saying.
Thanks,
Ron DuFresne
On Wed, 27 Jun 2001 [EMAIL PROTECTED] wrote:
> Biased is ok. How does one go about validating that a managed service
> provider stuff is actually working?
> Is there some sort litmus test procedure that the customer has to sign
off
> signifying that the manage service provider selected is actually
receiving
> and responding to valid intrusions?
> How long is the tuning process to adjust to particular customer's
environment
> How long is the provisioning process from signed contract to actual
turning
> up the customer and handing them over to ops or monitoring?
> What type of people are actually doing the monitoring (certified and
> trained security experts) or (people off the street and then becoming
a
> human IDS)??
>
> DigitalMojo does not state how they do this except a bunch of smoke
and
> mirrors about ShadowPatrol or ShadowWatch, playing off the them of
"Only
> the Shadow Knows".. There has to be more to managed security services
than
> this ??
>
> /m
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
--__--__--
Message: 2
Date: Wed, 27 Jun 2001 14:33:09 -0700
To: Ron DuFresne <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Subject: Re: Managed Service Providers
Cc: [EMAIL PROTECTED]
Smoke and mirrors has been an issue with Managed Security Service since
the
early 90's. also Buyer beware. How do you the person sitting back
watching the screens is actually a bonafide security type person and not
some person who got hired because they should up at DefCon and impressed
someone with their Pez collection (true story).. :) A lot of the
debunking
is not the actual alert but really happens behind the scenes to
determine
if one or many alerts are actually valid or not. Each environment can
generate their own typical noise or discard that normally traverses the
network on a daily basis. It is the MSP's job to sort through the noice
or
discard and actually call the customer to tell them that their is an
actual
intrusion or possible intrusion. Now this whole process seems a bit
tedius
and the folks at ADT can probably provide better statistics on false
positives than an a MSP can, but back to the point, what value does an
MSP
like DigitalMojo provide when if you read between the lines, they
actually
outsource to other MSPs..
/m
At 04:27 PM 6/27/2001 -0500, Ron DuFresne wrote:
>smoke and mirrors has been one of the issues with managed service
>providers and especially managed security providers for sometime. Just
>becuase they may sell you a service for IDS does not mean alot if the
IDS
>is setup on the exterior of the network and they are constantly
alerting
>you and your staff of 'intrusion detections' 30-500 times a day. In
fact,
>it tends to devalue such 'warnings' to the point folks tend to just
start
>routing those reports to the trash bin. Thourough reading of contracts
in
>such outsourcing aggreements is a must, as well as *understanding* what
>those contracts are really saying.
>
>Thanks,
>
>Ron DuFresne
--__--__--
Message: 3
Date: Wed, 27 Jun 2001 17:58:35 -0400 (EDT)
From: Zachary Uram <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: Ron DuFresne <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: Managed Service Providers
i don't understand what someone would rely on an outsider to
manage their security structure?
it seems this is best handled on the inside (with firewalls, IDS,
etc..). and if you are just one of many customers won't you get
less intense/frequent scrutiny than if you had your own dedicated
security staff person whose job is to manage your network
security?
Wed, 27 Jun 2001 [EMAIL PROTECTED] wrote:
> Smoke and mirrors has been an issue with Managed Security Service
since the
> early 90's. also Buyer beware. How do you the person sitting back
> watching the screens is actually a bonafide security type person and
not
> some person who got hired because they should up at DefCon and
impressed
> someone with their Pez collection (true story).. :) A lot of the
debunking
> is not the actual alert but really happens behind the scenes to
determine
> if one or many alerts are actually valid or not. Each environment can
> generate their own typical noise or discard that normally traverses
the
> network on a daily basis. It is the MSP's job to sort through the
noice or
> discard and actually call the customer to tell them that their is an
actual
> intrusion or possible intrusion. Now this whole process seems a bit
tedius
> and the folks at ADT can probably provide better statistics on false
> positives than an a MSP can, but back to the point, what value does an
MSP
> like DigitalMojo provide when if you read between the lines, they
actually
> outsource to other MSPs..
>
> /m
>
> At 04:27 PM 6/27/2001 -0500, Ron DuFresne wrote:
>
> >smoke and mirrors has been one of the issues with managed service
> >providers and especially managed security providers for sometime.
Just
> >becuase they may sell you a service for IDS does not mean alot if the
IDS
> >is setup on the exterior of the network and they are constantly
alerting
> >you and your staff of 'intrusion detections' 30-500 times a day. In
fact,
> >it tends to devalue such 'warnings' to the point folks tend to just
start
> >routing those reports to the trash bin. Thourough reading of
contracts in
> >such outsourcing aggreements is a must, as well as *understanding*
what
> >those contracts are really saying.
> >
> >Thanks,
> >
> >Ron DuFresne
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
[EMAIL PROTECTED]
"Blessed are those who have not seen and yet have faith." - John 20:29
--__--__--
Message: 4
Date: Wed, 27 Jun 2001 17:09:01 -0500 (CDT)
From: Ron DuFresne <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Managed Service Providers
<quote>
A lot of the debunking
is not the actual alert but really happens behind the scenes to
determine
if one or many alerts are actually valid or not.
</quote>
<chuckle> It can be worse then this, some managed sec providers do
nothing to make a determination, they merely have it stated in the
paperwork that they will notify the client of *any* attempts, it
certainly changes the the focus of what responsibility is in the
situation. Now, you tell me, if open, untuned sensors are sitting on
the
outside perimiter of a large corporation, how many alerts a day might
they
get of various inappropriate packets hitting those sensors?
Take it this way; how is
policy enforced and what determines what a policy is? Is the managed
security provider to implement rules in perimiter equipment that is
outrightly *dangerous* if the client contact makes such a request?
Should
the tech taking the request actually contact the client contact to
advise
them of known issues that petain to the request in hand? What actually
constitutes a security policy, merely rules set in the perimiter
devices?
Is it subject to one or two admins at the client site just deciding that
these requested changes need to be implimented? It sometimes becomes a
question at the managed provider end, of what it is they are supposed to
be implimenting. Granted a policy is not a static entity, still to make
major deviations from a documented policy, should a managed provider
just
simply make changes issued from a contact at the client side, should
upper
level senior mgt be advised of such requests? Then again, since the
corporation decided to outsource their security, do they have anyone
knowledgeable on their end to actually understand the corporate policy
and
ramifications of requests they are considering?
Outsourcing is not a simple black and white issue, and it has
ramifications that need to be faced by both sides in any contractual
agreement in these areas. but, it's all defined on paper, or at least
should be, before the managed services in question are taken over.
Still,
I've seen some pretty large corporations poorly define entities and
services and end up with quite a mess on their hands after all the dots
and slashes were placed and signatures and checks exchnged, in both
security outsourcing and network management. On oneside, folks need to
know what they can supply and offer as a real service and still make a
buck. On the other, folks need to accuratly detail in writing, after
verbal negociations, and define what they require, and at a minimum what
services they are contracting for.
Thanks,
Ron DuFresne
On Wed, 27 Jun 2001 [EMAIL PROTECTED] wrote:
> Smoke and mirrors has been an issue with Managed Security Service
since the
> early 90's. also Buyer beware. How do you the person sitting back
> watching the screens is actually a bonafide security type person and
not
> some person who got hired because they should up at DefCon and
impressed
> someone with their Pez collection (true story).. :) A lot of the
debunking
> is not the actual alert but really happens behind the scenes to
determine
> if one or many alerts are actually valid or not. Each environment can
> generate their own typical noise or discard that normally traverses
the
> network on a daily basis. It is the MSP's job to sort through the
noice or
> discard and actually call the customer to tell them that their is an
actual
> intrusion or possible intrusion. Now this whole process seems a bit
tedius
> and the folks at ADT can probably provide better statistics on false
> positives than an a MSP can, but back to the point, what value does an
MSP
> like DigitalMojo provide when if you read between the lines, they
actually
> outsource to other MSPs..
>
> /m
>
> At 04:27 PM 6/27/2001 -0500, Ron DuFresne wrote:
>
> >smoke and mirrors has been one of the issues with managed service
> >providers and especially managed security providers for sometime.
Just
> >becuase they may sell you a service for IDS does not mean alot if the
IDS
> >is setup on the exterior of the network and they are constantly
alerting
> >you and your staff of 'intrusion detections' 30-500 times a day. In
fact,
> >it tends to devalue such 'warnings' to the point folks tend to just
start
> >routing those reports to the trash bin. Thourough reading of
contracts in
> >such outsourcing aggreements is a must, as well as *understanding*
what
> >those contracts are really saying.
> >
> >Thanks,
> >
> >Ron DuFresne
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
--__--__--
Message: 5
Date: Wed, 27 Jun 2001 17:21:10 -0500 (CDT)
From: Ron DuFresne <[EMAIL PROTECTED]>
To: Zachary Uram <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Managed Service Providers
On Wed, 27 Jun 2001, Zachary Uram wrote:
> i don't understand what someone would rely on an outsider to
> manage their security structure?
> it seems this is best handled on the inside (with firewalls, IDS,
> etc..). and if you are just one of many customers won't you get
> less intense/frequent scrutiny than if you had your own dedicated
> security staff person whose job is to manage your network
> security?
This is the pipedream of all with a network exposure, but, there are
issues that limit this to reality;
1) there are just not enough security professionals to go around,
though
I'm betting some companies could make out like bandits during this
*regression* in the IT field in general as it concerns the job market at
present.
2) Perhaps even more importantly in a total picture perspective;
companies with networks be they attached to the internet or not,
actually
find themselve as being two compnaies combined, the one company being
the
bread maker, the business of which they conduct and the products and or
services they provide, and the second company, often a money sucker
rather
then a money maker, the IT division. Sometimes those two companies
within
are even at opposition to one another! <grin>
Thanks,
Ron DuFresne
>
> Wed, 27 Jun 2001 [EMAIL PROTECTED] wrote:
>
> > Smoke and mirrors has been an issue with Managed Security Service
since the
> > early 90's. also Buyer beware. How do you the person sitting back
> > watching the screens is actually a bonafide security type person and
not
> > some person who got hired because they should up at DefCon and
impressed
> > someone with their Pez collection (true story).. :) A lot of the
debunking
> > is not the actual alert but really happens behind the scenes to
determine
> > if one or many alerts are actually valid or not. Each environment
can
> > generate their own typical noise or discard that normally traverses
the
> > network on a daily basis. It is the MSP's job to sort through the
noice or
> > discard and actually call the customer to tell them that their is an
actual
> > intrusion or possible intrusion. Now this whole process seems a bit
tedius
> > and the folks at ADT can probably provide better statistics on false
> > positives than an a MSP can, but back to the point, what value does
an MSP
> > like DigitalMojo provide when if you read between the lines, they
actually
> > outsource to other MSPs..
> >
> > /m
> >
> > At 04:27 PM 6/27/2001 -0500, Ron DuFresne wrote:
> >
> > >smoke and mirrors has been one of the issues with managed service
> > >providers and especially managed security providers for sometime.
Just
> > >becuase they may sell you a service for IDS does not mean alot if
the IDS
> > >is setup on the exterior of the network and they are constantly
alerting
> > >you and your staff of 'intrusion detections' 30-500 times a day.
In fact,
> > >it tends to devalue such 'warnings' to the point folks tend to just
start
> > >routing those reports to the trash bin. Thourough reading of
contracts in
> > >such outsourcing aggreements is a must, as well as *understanding*
what
> > >those contracts are really saying.
> > >
> > >Thanks,
> > >
> > >Ron DuFresne
> >
> > _______________________________________________
> > Firewalls mailing list
> > [EMAIL PROTECTED]
> > http://lists.gnac.net/mailman/listinfo/firewalls
> >
>
>
> [EMAIL PROTECTED]
> "Blessed are those who have not seen and yet have faith." - John 20:29
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
--__--__--
Message: 6
From: "Greg Sheard" <[EMAIL PROTECTED]>
To: "Zachary Uram" <[EMAIL PROTECTED]>
Cc: "Ron DuFresne" <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
Subject: Re: Managed Service Providers
Date: Wed, 27 Jun 2001 23:24:15 +0100
[Full Disclosure: I work for a security firm. One of the things we sell
is
managed systems.]
>From public data, most huge companies either get a huge company to do
their
security (BT, IBM, etc) or get a huge team of skilled professionals to
permanently keep an eye on things. Most big (so not huge... never been
good
at talking!) companies will tend to have a small team within their MIS
department.
Then you get down to the SMEs. Any SME who wants to use email in the
workplace now virtually always has an always-on connection of some kind,
even here in the UK. The usual best-case scenario is a Windows 2000 box
serving Internet. Occasionally there's a router with access-control.
Something like 95% of SMEs in the UK have no real security. Unless
they're
on the large side, they probably can barely afford an IT guy at all. In
their shoes, would you drain money with another salary or pay comparably
little (a tenth as much?) for somebody to manage your systems?
OK, so I'm only a geek, not a suit. Even so, seems plain to me.
Just my $0.001 (I'm told I'm ten a penny...)
Greg.
Zachary Uram wrote:
> i don't understand what someone would rely on an outsider to
> manage their security structure?
> it seems this is best handled on the inside (with firewalls, IDS,
> etc..). and if you are just one of many customers won't you get
> less intense/frequent scrutiny than if you had your own dedicated
> security staff person whose job is to manage your network
> security?
Greg Sheard
Senior Associate
ECSC Ltd
The information in this email is confidential and legally privileged. It
is
intended solely for the addressee. Access to the email by anyone else is
unauthorised. If you are not the intended recipient, any disclosure,
copying, distribution or any action taken or omitted to be taken upon
reliance on it, is prohibited and unlawful. When addressed to our
clients
any opinions or advice contained in this email are subject to the terms
and
conditions expressed in the governing ECSC Conditions of Service. The
contents of any attachment may contain viruses. Whilst ECSC has taken
reasonable precautions to minimise risk we cannot accept liability for
any
damage you sustain as a result of software viruses. You should carry out
your own virus checks before opening any attachments.
--__--__--
Message: 7
From: "Hank Wethington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: RE: Managed Service Providers
Date: Wed, 27 Jun 2001 15:27:27 -0700
The issue is that a dedicated security person could cost an organization
$60-$100+k a year, plus the hardware needed to do the job right. MSP's
are a
fraction of that. Finding a good one is a hard job. It comes down to
evaluation an organization over time. Unfortunately because of the
relative
newness, that's tough. There might be a few changes in your MSP before
you
find a good one. I do think, that like people who call themselves
Information Security Specialists, it is a weeding process. Get someone
you
trust, security wise, involved if you really need to go down that road
and
don't feel comfortable evaluating them your self.
For all that's worth...
Hank Wethington
================================================
Information Logistics
www.GoInfoLogistics.com
mailto:info.at.GoInfoLogistics.com
================================================
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Zachary Uram
Sent: Wednesday, June 27, 2001 2:59 PM
To: [EMAIL PROTECTED]
Cc: Ron DuFresne; [EMAIL PROTECTED]
Subject: Re: Managed Service Providers
i don't understand what someone would rely on an outsider to
manage their security structure?
it seems this is best handled on the inside (with firewalls, IDS,
etc..). and if you are just one of many customers won't you get
less intense/frequent scrutiny than if you had your own dedicated
security staff person whose job is to manage your network
security?
Wed, 27 Jun 2001 [EMAIL PROTECTED] wrote:
> Smoke and mirrors has been an issue with Managed Security Service
since
the
> early 90's. also Buyer beware. How do you the person sitting back
> watching the screens is actually a bonafide security type person and
not
> some person who got hired because they should up at DefCon and
impressed
> someone with their Pez collection (true story).. :) A lot of the
debunking
> is not the actual alert but really happens behind the scenes to
determine
> if one or many alerts are actually valid or not. Each environment can
> generate their own typical noise or discard that normally traverses
the
> network on a daily basis. It is the MSP's job to sort through the
noice
or
> discard and actually call the customer to tell them that their is an
actual
> intrusion or possible intrusion. Now this whole process seems a bit
tedius
> and the folks at ADT can probably provide better statistics on false
> positives than an a MSP can, but back to the point, what value does an
MSP
> like DigitalMojo provide when if you read between the lines, they
actually
> outsource to other MSPs..
>
> /m
>
> At 04:27 PM 6/27/2001 -0500, Ron DuFresne wrote:
>
> >smoke and mirrors has been one of the issues with managed service
> >providers and especially managed security providers for sometime.
Just
> >becuase they may sell you a service for IDS does not mean alot if the
IDS
> >is setup on the exterior of the network and they are constantly
alerting
> >you and your staff of 'intrusion detections' 30-500 times a day. In
fact,
> >it tends to devalue such 'warnings' to the point folks tend to just
start
> >routing those reports to the trash bin. Thourough reading of
contracts
in
> >such outsourcing aggreements is a must, as well as *understanding*
what
> >those contracts are really saying.
> >
> >Thanks,
> >
> >Ron DuFresne
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
[EMAIL PROTECTED]
"Blessed are those who have not seen and yet have faith." - John 20:29
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
--__--__--
Message: 8
From: "Hank Wethington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Research information
Date: Wed, 27 Jun 2001 15:24:24 -0700
I've been asked to evaluate Mandrake's Single Network Firewall 7.2 for a
customer. I've conducted a few searches on Goggle and stuff and haven't
found much information, except marketing, for it. From an initial look,
it
seems to be just using IPCHAINS and a fancy interface. It does have some
nice built in features for a small company without a lot of technical
expertise.
I was wondering if anyone had experience with it in the real world. How
is
the performance? How do you feel about the security it provides. Is it
just
using IPCHAINS?
I'm grabbing a copy and gonna check it out too, but I was hoping someone
has
seen it being used.
Hank Wethington
================================================
Information Logistics
www.GoInfoLogistics.com
mailto:info.at.GoInfoLogistics.com
================================================
--__--__--
Message: 9
Date: Wed, 27 Jun 2001 15:37:23 -0700
To: "Greg Sheard" <[EMAIL PROTECTED]>,
"Zachary Uram" <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Subject: Re: Managed Service Providers
Cc: "Ron DuFresne" <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]>
A little off base, going from MSP managed an organization's corporate
security to monitoring the end-nodes users. A majority of the MSP do
not
offer that kind of granularity unless a customer is willing to pay lots
and
lots of dough, therefore allowing the MSP to staff itself with more than
5
people for 7x24 coverage.. Remember design for 10, but seat 7 is always
a
MSP model to monitor up to 30 customers at a time.
:)
At 11:24 PM 6/27/2001 +0100, Greg Sheard wrote:
[Full Disclosure: I work for a security firm. One of the things we sell
is
managed systems.]
From public data, most huge companies either get a huge company to do
their
security (BT, IBM, etc) or get a huge team of skilled professionals to
permanently keep an eye on things. Most big (so not huge... never been
good
at talking!) companies will tend to have a small team within their MIS
department.
Then you get down to the SMEs. Any SME who wants to use email in the
workplace now virtually always has an always-on connection of some kind,
even here in the UK. The usual best-case scenario is a Windows 2000 box
serving Internet. Occasionally there's a router with access-control.
Something like 95% of SMEs in the UK have no real security. Unless
they're
on the large side, they probably can barely afford an IT guy at all. In
their shoes, would you drain money with another salary or pay comparably
little (a tenth as much?) for somebody to manage your systems?
OK, so I'm only a geek, not a suit. Even so, seems plain to me.
Just my $0.001 (I'm told I'm ten a penny...)
Greg.
Zachary Uram wrote:
> i don't understand what someone would rely on an outsider to
> manage their security structure?
> it seems this is best handled on the inside (with firewalls, IDS,
> etc..). and if you are just one of many customers won't you get
> less intense/frequent scrutiny than if you had your own dedicated
> security staff person whose job is to manage your network
> security?
Greg Sheard
Senior Associate
ECSC Ltd
The information in this email is confidential and legally privileged. It
is
intended solely for the addressee. Access to the email by anyone else is
unauthorised. If you are not the intended recipient, any disclosure,
copying, distribution or any action taken or omitted to be taken upon
reliance on it, is prohibited and unlawful. When addressed to our
clients
any opinions or advice contained in this email are subject to the terms
and
conditions expressed in the governing ECSC Conditions of Service. The
contents of any attachment may contain viruses. Whilst ECSC has taken
reasonable precautions to minimise risk we cannot accept liability for
any
damage you sustain as a result of software viruses. You should carry out
your own virus checks before opening any attachments.
--__--__--
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
End of Firewalls Digest
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
