[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] [FW1] Sniffer | new firewall rule | help!
Greetings! On Tue, 15 Apr 2003 07:40:44 -0400 Firewall Security <[email protected]> wrote: > This question is a bit off topic, but will be used to build new > firewall rules: > Here's the goal: identify connections to a particular server. This > info will be used to form access controls and security measures. (aka > new firewall rules) *bzzzt* Wrong answer. Thanks for playing. What you want: Allow access to the server only for selected/trustworthy partners or protocols. What you are doing: Allow access to the server to all those who are using it already. That is an organizational problem, not a technical one. A sniffer never can sign a request - a manager can. General policy for rule requests should be: no signature, no access. Mit freundlichen Grüßen Volker Tanger IT-Security discon gmbh DeTeWe AG & Co. KG Fon +49 30 6104-3307 Fax +49 30 6104-3435 http://www.detewe.de/ -- ------------------------------------------------------------------- Besuchen Sie unsere neuen Internet-Seiten http://www.detewe.de . Neues Highlight: Wunschproduktberater fuer den Home & Office-Bereich. Visit our new Internet Pages on http://www.detewe.de . Our Highlight: Online Product Adviser for Home & Office. (Currently available in German only) ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|