Home page logo

basics logo Security Basics mailing list archives

Re: More Firewall Questions
From: Shawn Duffy <pakkit () codepiranha org>
Date: Thu, 29 May 2003 13:56:42 -0400 (EDT)

I guess it really depends on what the scripts do... Either way, I would
schedule an outage window if I were you.  If this is a production
firewall, you don't want to run a test like this and assume nothing will
break.  That doesn't mean you have to take it down, but I would schedule a
window so that potentially affected users know that maintenance will be
done and a short outage is possible...

Shawn Duffy, CCNA CCSE
email: pakkit at codepiranha dot org
web: http://codepiranha.org/~pakkit
gpg key: http://codepiranha.org/~pakkit/pakkit.asc
gpg fpr: 8988 6FB6 3CFE FE6D 548E  98FB CCE9 6CA9 98FC 665A
having problems reading email from me? http://codepiranha.org/~pakkit/pgp-trouble.html

On Thu, 29 May 2003 kurtis.myers () us army mil wrote:

My agency has Symantec Enterprise Firewall V6.5.0 and it needs to be re-certified as being security compliant; to 
accomplish this we will run a series of scripts against the OS (WINNT 4.0).

The bottom line question is: do we need to bring this firewall off line to run the scripts?

The scripts only evaluate the values of the registry and not the functioning of the firewall software; we have 
reviewed the current rules and have accepted them as adequate, but must complete the OS verification.  After the OS 
assessment we will conduct penetration testing.

Any recommendations or comments to our concept of verifying our firewall's security are welcomed.

Kurt Myers
IA Officer


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]