run an IDS, won't need to log
phil
On Tue, 12 Feb 2002, Paul Armstrong wrote:
> Not to mention such a system doesn't have the ability to log (or do any other
> such important tasks).
>
> Paul.
>
> --
> Paul Armstrong <[EMAIL PROTECTED]>
> Cybersource Pty/Ltd. System administration and development.
> Floor 9 / 140 Queen St. Melbourne. Ph: 9642 5997 Fax: 9642 5998
>
> On Mon, Feb 11, 2002 at 03:10:26PM -0600, Ron DuFresne wrote:
> > As far as I can tell, talking with the writer of the article and others
> > after it;s release, little testing has been done to determine if such a
> > setup can withstand any significant attack or probing in a setting whence
> > the traffic loads were more then minimal and or the rules installed were
> > also, more then minimal also. Little testing under stressful conditions
> > has yet been preformed to determine is such a device is ready for
> > primtetime, YMMV...
> >
> > Thanks,
> >
> > Ron DuFresne
> >
> > On Sun, 10 Feb 2002, Kim, Cameron wrote:
> >
> > > So After reading the article, Have you heard of anyone doing this with
> > > Solaris or FreeBSD? Or even with a Application layer product like Checkpoint
> > > or Raptor? In theory.. It may be possible
> > >
> > > -----Original Message-----
> > > From: David Lang [mailto:[EMAIL PROTECTED]]
> > > Sent: Friday, February 08, 2002 6:33 PM
> > > To: David Endler
> > > Cc: [EMAIL PROTECTED]
> > > Subject: Re: running a firewall in halted state
> > >
> > >
> > > yep, been doing it for years. the fun part is explaining to auditors why you
> > > are having to reboot the box when they ask you to show you it's config
> > > :-)
> > >
> > > if you can get away with packet filtering and are willing to go without logs
> > > it sure eases concerns about vunerable services on the box (the only bug
> > > that can bite you is a kernel bug and they are _Very_ rare)
> > >
> > > David Lang
> > >
> > >
> > > On Fri, 8 Feb 2002, David Endler wrote:
> > >
> > > > Date: Fri, 8 Feb 2002 16:21:39 -0500
> > > > From: David Endler <[EMAIL PROTECTED]>
> > > > To: [EMAIL PROTECTED]
> > > > Subject: running a firewall in halted state
> > > >
> > > > Here's a link to a Sys Admin Magazine article about how to run a linux
> > > > firewall in halted state. pretty cool idea.
> > > >
> > > > http://www.samag.com/documents/s=1824/sam0201d/0201d.htm
> > > > <http://www.samag.com/documents/s=1824/sam0201d/0201d.htm>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
