I think his response made perfect sense. If I have a firewall, and I configure it to block only 666/tcp 'cause I want to block the backdoor trojans that use that port, is it misconfigured or not? You could argue that it is poorly configured, and probably that it is a waste of time and money, but is it misconfigured?

I would, however, disagree with the statement that 100% of firewalls are misconfigured.

Whatever number you find will already be marketing fluff that likely has no scientific basis. It likely will be some scary-looking number made up by someone else who also offers managed solutions.

So, sorry, I don't know where you can find that number. Just think of what has been said when you do "find" it. Did/would they classify my example above as misconfigured? You would never know.

Brian

[EMAIL PROTECTED] wrote:
That makes absolutely no sense. Plus I am not looking for a philosophical
answer. I was looking for statistics for marketing. Does anyone know of a good
reference site for firewall and other security statistics?

SKP

-----Original Message-----
From: Justin Pryzby [mailto:[EMAIL PROTECTED]
Sent: Friday, June 06, 2003 6:18 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Firewall configuration statistics



Security,


100% of firewalls are misconfigured.  I guarantee that no firewall
administrator has considered all of the possibilities that are out there.
Moreover, there are guaranteed bugs in the firewalling software itself.

No firewalls are misconfigured.  Computers do what they are told, and
the occasional cosmic ray bitflip is insignificant compared to human
error.  FW admins who use broken software or write bad FW policies
deserve to suffer the consequences.

Take your pick.  As a user, I think all firewalls suck because at best
they are another layer for things to get f()'d up, and at worst they
prevent me from doing stuff.  As an admin, I know of no more problems in
my current firewall configuration (-j DENY), but let me check.

Unless you elaborate on whichever number you quote, it is meaningless.
Anyone who has ever dealt with a firewall will know that.  You will,
however, impress 99% of everyone with a cool word like ''firewall''.

Justin


On Sat, Jun 07, 2003 at 12:42:26AM +0000, [EMAIL PROTECTED] wrote:


I remember once reading that X amount of firewalls are misconfigured. Does
anyone know where I can get this statistic from? We are making some new
marketing material and I would like to include this stat in it. A quotable
source would be great.

Thanks

SKP



---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------





--
Brian Eckman
Security Analyst
OIT Security and Assurance
University of Minnesota
612-626-7737

"There are 10 types of people in this world. Those who
understand binary and those who don't."

