Firewall Wizards mailing list archives
RE: X server in a Firewall
From: "Ben Nagy" <ben () iagu net>
Date: Wed, 25 Jan 2006 11:22:20 +0700
-----Original Message----- On Tue, 24 Jan 2006, Marcus J. Ranum wrote:Indeed; if your firewall rulesets change so often that you find it onerous to walk down the hall to the console, then your firewall ruleset is changing too often, which probably means you are already in a state of screwed.
[cat]
Down the hall? Must be nice. I'm thinking "to another continent". Frankly while I agree that firewall management should be done out of band, there are certainly situations where physical access is not a straightforward means of out of band access - and the environment is legitimately dynamic.
If you have out-of-band access to your routers, find a router in the same rack, connect a serial cable from the router into the firewall - instant console access. If you don't have OOB access to your routers then you'll probably accept the risk of managing the firewall via SSH. Cheers, ben _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: X server in a Firewall, (continued)
- Re: X server in a Firewall Chuck Swiger (Jan 24)
- Re: X server in a Firewall Marcus J. Ranum (Jan 24)
- Re: X server in a Firewall Cat Okita (Jan 24)
- Re: X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Marcus J. Ranum (Jan 24)
- Re: X server in a Firewall Peter Bruderer (Jan 25)
- Re: X server in a Firewall Marcus J. Ranum (Jan 24)
- Re: X server in a Firewall Cat Okita (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall Cat Okita (Jan 24)
- RE: X server in a Firewall Ben Nagy (Jan 24)
- RE: X server in a Firewall Cat Okita (Jan 25)
- Re: X server in a Firewall Carson Gaspar (Jan 25)
- Re: X server in a Firewall ArkanoiD (Jan 25)