> -----Original Message-----
> From: Mike Noyes [mailto:[EMAIL PROTECTED]] 
> 
> On Tue, 2003-02-11 at 10:30, Ray Olszewski wrote:
> > At 09:52 AM 2/11/03 -0800, Mike Noyes wrote:
> > >Everyone,
> > >I'd like to see us create a set of network diagrams that 
> illustrate 
> > >secure topologies. Is anyone willing to work on this task?
> > 
> > Other than an LAN that has no Internet connection and no 
> WAP (and good 
> > locks on all the doors), I cannot think of a topology that 
> is *itself* 
> > secure. Security resides mainly in the firewall rulesets, 
> not in the 
> > actual network topology  ... though certainly some topologies are 
> > easier to secure than others (and there are bozo-level 
> configurations 
> > that cannot conceivably be made secure by any standard). In 
> any case, 
> > security is not a yes-or-no standard; the tradeoff  between 
> safety and 
> > usability is a balancing act.
> > 
> > So perhaps you could expand on this a bit, to give a better 
> sense of 
> > what you have in mind?
> 
> Ray,
> I agree with your security statements above. Your knowledge 
> of network security far exceeds mine, so evaluate my 
> suggestion with this in mind.
> 
> Here are some examples of what I'm suggesting.
> 
> http://www.nta-monitor.co.uk/fact-sheets/topology-main.htm
> http://www.firewall.cx/firewall_topologies.php
> 
> > P.S. What are "Dia source files"?
> 
> Dia is a vector graphics program, with a limited subset of 
> Visio features. It's part of GNOME Office.
> 
> Dia a drawing program
> http://www.gnome.org/gnome-office/dia.shtml
> 
> --
> Mike Noyes <mhnoyes @ users.sourceforge.net> 

What is the audience?

What would these diagrams be used for?  
Showing standard and other potenetial LEAF configurations?

Something we could reference new users to?

Showing potential best practices with opening ports and outlining the
consequences?

I had thought of doing something like this in gif/jpeg/png form to refer
folks to when they were describing there networks.

-sp



-------------------------------------------------------
This SF.NET email is sponsored by: FREE  SSL Guide from Thawte
are you planning your Web Server Security? Click here to get a FREE
Thawte SSL guide and find the answers to all your  SSL security issues.
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en

_______________________________________________
leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Reply via email to