Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

RE: X server in a Firewall
From: "Hammerle, Tye" <Tye.F.Hammerle () snapon com>
Date: Wed, 1 Feb 2006 08:36:37 -0600

It would be interesting to hear what needs changing that often on a regular


-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of R. DuFresne
Sent: Saturday, January 28, 2006 4:08 PM
To: Marcus J. Ranum
Cc: Paul D. Robertson; John M; firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] X server in a Firewall

Hash: SHA1

On Tue, 24 Jan 2006, Marcus J. Ranum wrote:

Paul D. Robertson wrote:
Indeed, that's why console-only access is the best method.

Indeed; if your firewall rulesets change so often that you find it 
onerous to walk down the hall to the console, then your firewall 
ruleset is changing too often, which probably means you are already in 
a state of screwed.

Would you be infering then that since we change our rulesets bi-weekly,
every week of the year on about a hundred or more firewalls in esaps
<managed zines for each agency, that we change too often?


Ron DuFresne
- --
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com Key fingerprint = 9401 4B13 B918
164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover instead of creating the
perfect love.

                 -Tom Robbins <Still Life With Woodpecker> -----BEGIN PGP
Version: GnuPG v1.2.4 (GNU/Linux)

firewall-wizards mailing list
firewall-wizards () honor icsalabs com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]