I think that IT people with a little security training know better. The
self-taught may be fooled into thinking that.
Derek Spransy wrote:
I think that a lot of IT people with little security training think that a firewall
is an all in one solution.
[snip]
--
James W. Meritt CISSP,
:[EMAIL PROTECTED]]
Sent: Tuesday, January 08, 2002 4:57 AM
To: Omar Koudsi; [EMAIL PROTECTED]
Subject: Re: Hardening VS firewalling ?
If I have to choose _only_ one, then I would go for security patches,
but if I use time optimization as a base for my decision, then I
would firewall to deny
everyone is having a nice weekend,
Leon
- -Original Message-
From: Octavio / Super [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 08, 2002 4:57 AM
To: Omar Koudsi; [EMAIL PROTECTED]
Subject: Re: Hardening VS firewalling ?
If I have to choose _only_ one, then I would go for security patches
I find that I can hardly call a single point of failure an advantage.
-Original Message-
From: Devdas Bhagat [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 08, 2002 4:29 AM
To: [EMAIL PROTECTED]
Subject: Re: Hardening VS firewalling ?
Another advantage of a firewall
:[EMAIL PROTECTED]]
Sent: Monday, January 07, 2002 6:30 PM
To: [EMAIL PROTECTED]
Subject: Hardening VS firewalling ?
OK, I know this is more of a theoretical debate, because in reality we
are able and should do BOTH.
But according to you, which is more important? Paying attention to
having great
Back to the crunchy on the outside, chewy on the inside vs. tough to
chew through and through, huh? I've seen it well implemented both
ways. My PERSONAL preference is that a firewall is not needed for a
network if EVERYONE on that net using EVERY system is fully versed in
hardening methods. It
I would choose hardening, because ultimately (in general)
it is a host that is being compromised, not a network
(at least not directly). You can firewall all you want but
if you are not configuring the services securely that you DO
let through then you are still at great risk. Additionally,
if
Personally, Id chose a great firewall. Becasue firewalls effectively seperate
your business critical apps, services or whatever from the rest of the prying
world, youve got a kind of safety net to fall on. Most OS and applications
dont come out of the box with gaping exploitable security
be to unplug the router until you have the network secured, but that's
almost never an option.
- Wayne Johnson
-Original Message-
From: Robert D. Hughes [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 08, 2002 12:25 AM
To: [EMAIL PROTECTED]
Subject: RE: Hardening VS firewalling
:30 PM
To: [EMAIL PROTECTED]
Subject: Hardening VS firewalling ?
OK, I know this is more of a theoretical debate, because in reality we
are able and should do BOTH.
But according to you, which is more important? Paying attention to
having great firewall with a great ACL more than hardening
OK, I know this is more of a theoretical debate, because in reality we
are able and should do BOTH.
But according to you, which is more important? Paying attention to
having great firewall with a great ACL more than hardening
and patching
the systems? Or not have to worry about the
If I have to choose _only_ one, then I would go for security patches, but if I use
time optimization as a base for my decision, then I would firewall to deny everything
except explicitly necessary services and then I would security-patch all of those
explicitly allowed services.
If time is
OK, I know this is more of a theoretical debate, because in reality we
are able and should do BOTH.
But according to you, which is more important? Paying attention to
having great firewall with a great ACL more than hardening and patching
the systems? Or not have to worry about the firewall or
13 matches
Mail list logo