Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: firewall-wizards Digest, Vol 64, Issue 5
From: John Michealson <micheajp () gmail com>
Date: Fri, 12 Apr 2013 17:36:39 -0500

Well, the op was in reference to tools.... hence my post. I respect your opinion (and agree to an extent) but the state 
of things is very much like capitalism - a grand ideal but inevitably doomed once human nature (greed) is added. The 
only true fix is based upon the humans using the systems (all of them) understanding they cannot simply click on 
anything they would like to. This isn't feasible. Education is a start but not the be all. Alternatively, blocking all 
non-vital corporate communication is also not feasible.


On Apr 12, 2013, at 11:00 AM, firewall-wizards-request () listserv icsalabs com wrote:

Send firewall-wizards mailing list submissions to
   firewall-wizards () listserv icsalabs com

To subscribe or unsubscribe via the World Wide Web, visit
   https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
   firewall-wizards-request () listserv icsalabs com

You can reach the person managing the list at
   firewall-wizards-owner () listserv icsalabs com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

  1. Re: firewall-wizards Digest, Vol 64, Issue 3 phishing
     (Stephen P. Berry)


----------------------------------------------------------------------

Message: 1
Date: Thu, 11 Apr 2013 11:46:09 -0700
From: "Stephen P. Berry" <spb () meshuggeneh net>
Subject: Re: [fw-wiz] firewall-wizards Digest, Vol 64, Issue 3
   phishing
To: Firewall Wizards Security Mailing List
   <firewall-wizards () listserv icsalabs com>
Message-ID: <20130411184609.DFBC123CA62 () ushiro meshuggeneh net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


John Michealson writes:

Check Point's gateway based AV went cloud based last fall. It has over 6M
signatures. They also have AntiBot, which has hundreds of millions of IP
and hosts classified. They are reclassifying 50k sites/hosts a day with
their ThreatCloud, and ThreatEmulation is in EA. Their Application Control
has 4900 apps defined locally and 300K in the cloud. Combined with
education these are very effective tools.

Perhaps I just have a bad attitude, but I'm imagining a ship with a
great jagged hole below the water line and a very high output bilge
pump that's almost but not quite keeping up with the flooding.  The ship
doesn't sink -immediately-, and hey that is a pretty impressive pump.  But
I'm not sure that I'd say that the pump is a very effective tool, because
the task I'm actually concerned with isn't---or, I would argue shouldn't
be---pumping water out, which the pump does quite well, but rather with
keeping the ship seaworthy by keeping the water from getting in in the
first place, and the pump doesn't do that at all.

I'm not trying to badmouth Checkpoint here.  I'm sure their product is
wonderful for what it is.  But I find it distressing how comfortable
we've become with living with network architectures that are perpetually
in a state of failure.  That are designed failed.  You speak in glowing words
of the monumental efforts expended by Checkpoint.  But while I can admire
all that hard work, when I see as system that -needs- this sort of heroic
effort -on an ongoing basis- just to continue functioning, I see a system
that is fundamentally broken.



- -spb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEVAwUBUWcEsR+T8Ptkg9h9AQI4swf/SAXPVaI8DXdOZ7OaUpcBUe6t2Y6ZQCGX
9VB0F2/3pyTWWdcVNUcDMVAiasgF1Pc/uHEhGFbFJNB13ubiUDsvQmjwJMkhN5fk
GRT1eJLQrwSjAhzpwnQxTnQQQxwGBlaCb9Lo3db/PMZcxwFaYjzWncthZ6tX9YW5
IOD1Th0fvOEEJvtl+imqYanWUC2HXFJPP+F2f8eswOv2EI80C38EnTd/+Bn6vRcW
PkCKJO3RCwRjdDACIlS/bx4aMrt36M/bbGgF+mRtn3NNNHqeGkMQV490b8pvRlxM
DfeH/RAdUdOMQ7PVRCJAEKreI268ywabltzOya5MPBhY3RjRgJeBJQ==
=JaqR
-----END PGP SIGNATURE-----


------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 64, Issue 5
***********************************************
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
  • Re: firewall-wizards Digest, Vol 64, Issue 5 John Michealson (Apr 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]