> I prefer to reduce this problem to a more generic statement
> of principle: "The greatest risk is your users." I solve that problem
> by throwing them all off my firewall completely. That way I have
> exactly 2 passwords I need to worry about, no worries about .rhosts
> or any nonsense like one of my users deciding to fire up IRC.
>
I agree completely. It is much easier to maintain proper security if
general access to the firewall is eliminated.
We are currently utilizing the Cisco router IP filtering in addition to
the screend provided by Digital with Ultrix. Unfortunately this daemon
is working too well, filtering occasional SMTP traffic it should
allow. If anyone has encountered similar problems, please let me
know.
Jim Littlefield <little @ hks . com>