Dear Mario,
Your question comes at a perfect time for me, since I need
to do (about) the samething.
I think that your qestions are nice for a good discussion but
that question should be different. Since only the outside
ethernet adaptor is connected to the net, your focus
should be on that part of the machine.
Hardening the OS will only be benefical if your FW machine
is comprimized... in which case (I think) you really only want
to be notified, and turn the machine off...
What I am going to be looking at and am interested in
is the basic stability of FW-1 on NT... I have heard from
sources that Checkpoint is now developing FW-1 for NT and
than ports it to UNIX, not the otherway around. true?
This should be good for the basic stability of FW-1-on-NT
but again: I am more interested in the expirences other
admins have.
Your wish to 'plug holes in NT' is a cry for a tremendus
list of patches, advisories, updates and other goodies
but again, what you realy want to look at is all that
touches your networkcard...
So I would like to ask the list: how much ip-stack in
a FW-1 config is MS's and how much is replaced by
Checkpoint's?
emj
On Oct 16, 13:37, Mario Muehlbauer wrote:
> Subject: Firewall-1 on NT
> I need to implement Firewall-1 on Windows NT 4.0.
>
> What securtiy holes could be in NT?
>
> How can I harden the OS?
>
> Please no philosophic discussions about NT versus UNIX!
>
> Mario Muehlbauer
>-- End of excerpt from Mario Muehlbauer
--
-------------------------------------------------------------------
Ewout Meij Pinewood Automatisering b.v.
E-mail: ewout @
pinewood .
nl Kluyverweg 2a
Phone: +31-15 268.25.43 2629 HT Delft
Some man are wise and some are otherwise
Follow-Ups:
References:
|
|
