begin Noah Meyerhans quotation: > > And what do you do when a security vulnerability arises in your firewall > implementation?
The same thing you do when that happens with any other component of your network; fix it, have plans in place to recover from it, and have monitoring in place to detect it as quickly as your budget allows. > Or when an attacker is able to hijack a web browsing > session by one of your internal users? See above. > The idea that firewalls are the panacea of network security is very > dangerous. The idea that anybody who says a firewall is a useful tool automatically thinks it's a panacea is a straw man you created. > No network should be trusted, and firewalling off your > little subnet is not going to change that. I don't see you putting your root password in your .signature. I mean, after all, if it's that black and white (either security is useless, or you disconnect from the network), then you shouldn't mind doing that. > It's been said many times before: the only secure computer is one that's > not plugged in. Yes, it has; but there's usually a few hundred more pages in the book after that, or the meeting continues and goes on to doing some useful work. Leave security to the professionals; or even to the amateurs. Just leave it to somebody that recognizes that it has value, OK? -- Shawn McMahon | McMahon's Laws of Linux support: http://www.eiv.com | 1) There's more than one way to do it AIM: spmcmahonfedex, smcmahoneiv | 2) Somebody thinks your way is wrong
pgpraRjJnUPjw.pgp
Description: PGP signature
