In case of a hacked web server, you can easily isolate the server from the rest of the network and watch in the log for the rebounds attempts.
Nicolas Figaro -----Original Message----- From: Wes Noonan [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 09, 2003 5:25 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] use of internal firewalls I'm actually writing a book on this subject (technically it is on hardening your network infrastructure, but this will be a component in a chapter). The quick answers off the hip are: 1) To protect internal resources such as business critical servers and systems (i.e. HR data) from threats in the exact same manner that you protect your network from the Internet. 2) To filter and restrict data entering your network over non-Internet based links. For example, putting a firewall between your frame-relay router and your internal network. 3) To very granularly restrict the traffic that can pass through a given segment. For example, if you run a bunch of file servers you can place a firewall in front of them and only allow file sharing ports to be opened from your users. 4) To provide application proxy functionality against your servers. Here is a quick CERT recommendation: http://www.cert.org/security-improvement/practices/p075.html HTH Wes Noonan [EMAIL PROTECTED] http://www.wjnconsulting.com > -----Original Message----- > From: Mailing list for discussion of Firewall-1 [mailto:FW-1- > [EMAIL PROTECTED] On Behalf Of > [EMAIL PROTECTED] > Sent: Tuesday, December 09, 2003 09:44 > To: [EMAIL PROTECTED] > Subject: [FW-1] use of internal firewalls > > Hi > > Anyone have any good documents on why one should use a internal > firewall, or statistics on the number or organisations using internal > firewalls. > > > > > This E-mail transmission may contain confidential or legally > privileged information that is intended for the addressee only. E-mail > communications are not necessarily secure and may be intercepted or > altered after they are sent. Norwich Union International does not > accept liability for any such alterations. Any views or opinions > presented are solely those of the author and do not necessarily > represent those of Norwich Union International. If you are not the > intended recipient, you are hereby notified that any disclosure, > copying, distribution or reliance upon the contents of this E- mail is > strictly prohibited. If you have r eceived this E-mail transmission in > error, please notify the sender immediately, so that Norwich Union > International may arrange for its proper delivery. Please then delete > the message from your inbox. While steps have been taken to prevent > computer vir uses, we cannot guarantee that attachments are virus free > and we would therefore advise that you make further checks as Norwich > Union International are not liable to third parties for any damages > resulting. > > Norwich Union International Limited is supervised by the Regulatory > Authorities of the Republic of Ireland. > > Norwich Union International Limited 6 Georges Dock International > Financial Services Centre Dublin 1 Republic of Ireland Registered No > 303257 Telephone + 353 1 802 8494 Fax + 353 1 802 8400 > www.nuinternational.com > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
