Firewalls: Re: Info World Firewall Articles

Firewalls
(August 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Info World Firewall Articles
From:	marchany @ vtserf . cc . vt . edu
Date:	Wed, 07 Aug 96 12:32:49 -0400
To:	Steve Kotsopoulos <steve @ ecf . toronto . edu>
Cc:	firewalls @ greatcircle . com, marchany @ vtserf . cc . vt . edu
In-reply-to:	Your message of "Wed, 07 Aug 96 12:04:11 EDT." <96Aug7 . 120412edt . 9791 @ cannon . ecf . toronto . edu>

>Most Unix systems are unfortunately insecure out of the box.
>We should expect all good firewalls to be highly secure out of the box.

I agree 100%. The true test of a firewall package is to see what it does when 
you DON't follow the vendor recommended procedures. How does it handle stupid 
user tricks? What state does it leave your network when something like that 
happens? There's a gap between the people who really read the instructions and those who 
just scan the instructions. Unfortunately, I believe the scanners outnumber the 
readers...:-).


	-Randy Marchany
	VA Tech Computing Center
	Blacksburg, VA 24060.

Follow-Ups:

Re: Info World Firewall Articles
From: "David M. Martin Jr." <dm @ bellcore . com>

References:

Re: Info World Firewall Articles
From: Steve Kotsopoulos <steve @ ecf . toronto . edu>

Indexed By Date	Previous:	Re: Intelligent networks From: Joshua Cole <josh @ itp . eds . com>
Indexed By Date	Next:	Icmp originator From: potlicker @ morebbs . com
Indexed By Thread	Previous:	Re: Info World Firewall Articles From: Steve Kotsopoulos <steve @ ecf . toronto . edu>
Indexed By Thread	Next:	Re: Info World Firewall Articles From: "David M. Martin Jr." <dm @ bellcore . com>