It would be interesting to hear what needs changing that often on a regular
basis.
Tye
-----Original Message-----
From: firewall-wizards-admin_at_honor.icsalabs.com
[mailto:firewall-wizards-admin_at_honor.icsalabs.com] On Behalf Of R. DuFresne
Sent: Saturday, January 28, 2006 4:08 PM
To: Marcus J. Ranum
Cc: Paul D. Robertson; John M; firewall-wizards_at_honor.icsalabs.com
Subject: Re: [fw-wiz] X server in a Firewall
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 24 Jan 2006, Marcus J. Ranum wrote:
> Paul D. Robertson wrote:
>> Indeed, that's why console-only access is the best method.
>
> Indeed; if your firewall rulesets change so often that you find it
> onerous to walk down the hall to the console, then your firewall
> ruleset is changing too often, which probably means you are already in
> a state of screwed.
Would you be infering then that since we change our rulesets bi-weekly,
every week of the year on about a hundred or more firewalls in esaps
<managed zines for each agency, that we change too often?
Thanks,
Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com Key fingerprint = 9401 4B13 B918
164C 647A E838 B2DF AFCC 94B0 6629
...We waste time looking for the perfect lover instead of creating the
perfect love.
-Tom Robbins <Still Life With Woodpecker> -----BEGIN PGP
SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFD2+tGst+vzJSwZikRAj2kAJ43kbP2TWI8aIU5u5QvMMO+6JL2wQCgnljL
jNEEmrVG71q2sf13zUZQBlo=
=K3Lf
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Feb 02 2006
Intro
