On Sun, 28 Oct 2001, R. DuFresne wrote:
>
>
> One quick question, if the OS the fw runs on is sun based, do you make
> sure snoop is removed also?
snoop isn't on my solaris image. I haven't had anyone ask for it either
though. If/when they do, I will tell them no. If/when they demand it I
will have to read through all these emails again trying to find a reason
why it should not be there. It isn't a perfect policy, but its what I
have... and it has worked so far.
>
> Opps, make that two quick questions, the second being, if you have no
> account on the fw at all, who monitors or audits the system to make sure
> it is policy compliant?
>
In the future, when audits are done of the system, any software which is
not supposed to be there will be caught. I honestly trust the techs that
administer them though; how can you not trust the person you are relying
on to administer your firewall? (rhetorical question)
> Thanks,
>
> Ron DuResne
>
--Paul
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Received on Oct 29 2001
Intro
