On Tue, 2003-02-11 at 10:30, Ray Olszewski wrote: > At 09:52 AM 2/11/03 -0800, Mike Noyes wrote: > >Everyone, > >I'd like to see us create a set of network diagrams that illustrate > >secure topologies. Is anyone willing to work on this task? > > Other than an LAN that has no Internet connection and no WAP (and good > locks on all the doors), I cannot think of a topology that is *itself* > secure. Security resides mainly in the firewall rulesets, not in the actual > network topology ... though certainly some topologies are easier to secure > than others (and there are bozo-level configurations that cannot > conceivably be made secure by any standard). In any case, security is not a > yes-or-no standard; the tradeoff between safety and usability is a > balancing act. > > So perhaps you could expand on this a bit, to give a better sense of what > you have in mind?
Ray, I agree with your security statements above. Your knowledge of network security far exceeds mine, so evaluate my suggestion with this in mind. Here are some examples of what I'm suggesting. http://www.nta-monitor.co.uk/fact-sheets/topology-main.htm http://www.firewall.cx/firewall_topologies.php > P.S. What are "Dia source files"? Dia is a vector graphics program, with a limited subset of Visio features. It's part of GNOME Office. Dia a drawing program http://www.gnome.org/gnome-office/dia.shtml -- Mike Noyes <mhnoyes @ users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ http://sitedocs.sf.net/ http://ffl.sf.net/ ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
