Great Circle Associates Firewalls
(February 1994)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: restricting Internet Access
From: richard @ wizard . ucs . sfu . ca (Richard Chycoski)
Date: Tue, 8 Feb 94 08:50:59 PST
To: firewalls @ greatcircle . com

>   Schipper> We've installed a firewall that works two ways. We
>   Schipper> consider the internal network as save (or unsave) as  
>   Schipper> Internet. So every connection that originates from  
>   Schipper> the internal network has to go through our firewall as
>   Schipper> well.

Troost> I'm confused by this; do you mean internal->internal  
connections go
Troost> through the firewall? Or do you mean you need to stop  
internal people
Troost> from cracking external machines?? I find that if you have to  
Troost> yourself against internal users, the best recurse usually  
Troost> security guards and not technical solutions.

If you are running a University (or otherwise 'uncontrolled'  
environment) network, it isn't unusual to consider the internal users  
as much of a security risk as those external to the organisation.  
Students don't have the same accountability to the management as  
employees of a company.

- Richard Chycoski                    richard @
 sfu .
 ca (NeXT Mail OK)
  Senior Systems Consultant
  Academic Computing Services
  Simon Fraser University

Indexed By Date Previous: Re: Two security issues
From: "Robert G. Moskowitz" <0003858921 @ mcimail . com>
Next: Re: Two security issues
From: Brad . Powell @ EBay . Sun . COM ( Brad Powell - Sun CIS)
Indexed By Thread Previous: Re: restricting Internet Access
From: hp90101 @ internet . sbi . com (Harry Protoolis)
Next: Re: restricting Internet Access
From: Brad . Powell @ EBay . Sun . COM ( Brad Powell - Sun CIS)

Search Internet Search