[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] FW: [FW1] Boson FW-1 Admnistrator Exam
-----Original Message----- From: Tim Cullen Sent: Wednesday, January 17, 2001 2:48 PM To: 'navid atoofi' Subject: RE: [FW1] Boson FW-1 Admnistrator Exam I disagree. With an OS like NT for example, there are too many Windows ports that are open. A hacker does not need to actually connect to bring down your server. SYN attacks are also not full port connects and the server will try to respond to them also. THIS is why the OS needs to be locked down. -----Original Message----- From: navid atoofi [mailto:[email protected]] Sent: Wednesday, January 17, 2001 1:22 PM To: Lance Spitzner; [email protected] Subject: RE: [FW1] Boson FW-1 Admnistrator Exam This can be read different way. 1- The Firewall software is so good which it will take care of all security issues regardless of OS type 2- It is not necessary, but it can be a recommendation I guess if you have rule like any firewall (any except fw protocols) drop Then it really doesn't matter how secure your OS is. of course, it doesn't hurt to apply the basic OS security practices. NA -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Lance Spitzner Sent: Wednesday, January 17, 2001 9:25 AM To: [email protected] Subject: [FW1] Boson FW-1 Admnistrator Exam Recently, I was asked a question about a "Boson" FW-1 Administrator exam. I have no idea what this exam is, nor who sponsors it. However, if the material quouted below is true, then this question greatly disturbs me. I wanted to know if anyone else has ran into this. --- snip snip --- I have always thought that it is necessary to harden the OS for the firewall server. However, I was doing the Boson Checkpoint FW-1 Administrator practice exams when I came across this question: Question: Why is it unnecessary for Firewall-1 to harden the OS? Answer: Firewalls that do not analyze the packet until it gets to the application layer need to protect themselves from the lower layer attacks. Firewall-1 protects itself by analyzing all the layers of the packet. Therefore it is unncessary for the administrator to harden the OS for Firewall-1 server. Is this true???? --- snip snip --- This is absolutely NOT true. If an exam is making these assumptions, then it shows that the author has a total lack of security knowledge. No firewall is impervious to vulnerabilities, Bugtraq demonstrates this again and again. Also, base OS armoring protects the firewall against rulebase or administrative misconfigurations. I highly recommend OS armoring for all firewalls, regardless of the vendor. Part of security is reducing risk at all levels. -- Lance Spitzner http://project.honeynet.org ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|