firewall-wizards@listserv.icsalabs.com
To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com
You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."
Today's Topics:
1. Re: [Fwd: Question] (Jean-Denis Gorin)
2. Re: [Fwd: Question] (Paul D. Robertson)
3. SCADA (Kaas, David D)
----------------------------------------------------------------------
Message: 1
Date: Tue, 14 Apr 2009 15:06:18 +0200
From: Jean-Denis Gorin <jdgorin@computer.org>
Subject: Re: [fw-wiz] [Fwd: Question]
To: firewall-wizards@listserv.cybertrust.com
Cc: ark@eltex.net, mjr@ranum.com
Message-ID: <1239714378.49e48a4ad1fb5@imp.free.fr>
Content-Type: text/plain; charset=ISO-8859-1
I also remember [1] the split of the original Firewalls list to Firewalls and
FW-Wizards because there were too many messages about firewall solutions
configurations...
BTW, does the original Firewalls list still exist?
[1] Yes, I'm a very long time lurker!
> -----Original Message-----
> From: firewall-wizards-bounces@listserv.cybertrust.com
> [mailto:firewall-wizards-bounces@listserv.cybertrust.com] On
> Behalf Of ArkanoiD
> Sent: Friday, April 10, 2009 3:10 PM
> To: mjr@ranum.com; Firewall Wizards Security Mailing List
> Subject: Re: [fw-wiz] [Fwd: Question]
>
> Finally something on the list not related to "how do i
> configure my PIX" ;-)
> I wonder what happened? We used to have interesting discussions here
> years ago, and now everything is reduced to PIX setup?
>
> P.S. I hate PIX. (and ASA too). Cannot imagine a single case for it to
> be optimal solution. But even that is not what i'd like to discuss ;-)
>
> On Wed, Apr 08, 2009 at 04:14:44PM -0400, Marcus J. Ranum wrote:
> > I just thought I'd send this along to the list, because it had
> > me laughing into my coffee. My friend Olaf is not a security
> > practitioner. He's not even an IT guy. He's an artist and a
> > professional photographer.
> >
> > I just love the way that any person with a brain who
> > encounters this internet security stuff can immediately
> > cut to the core of the problem as Olaf does below:
> >
> > -------- Original Message --------
> > Subject: Question
> > Date: Wed, 8 Apr 2009 08:41:39 -0400
> > From: Olaf S <lightdesigner@---->
> > Reply-To: lightdesigner@----
> > To: Ranum Marcus <mjr@ranum.com>
> >
> >
> >
> >
> > So, I'm watching a piece on the news this morning that
> > "hackers" from China, Russia, Korea and maybe others have
> > got into the computers that control the electrical grid.
> > My question is why the fuck are these computers connected
> > to the internet?
> >
> > Olaf S
> >
> >
> >
> > --
> > Marcus J. Ranum CSO, Tenable Network Security, Inc.
> > http://www.tenablesecurity.com
Reality is that which, when you stop believing in it, doesn't go away.
Philipp K. Dick
------------------------------
Message: 2
Date: Tue, 14 Apr 2009 11:33:41 -0400
From: "Paul D. Robertson" <probertson@fluiditgroup.com>
Subject: Re: [fw-wiz] [Fwd: Question]
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <49E4ACD5.6040100@fluiditgroup.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Jean-Denis Gorin wrote:
> I also remember [1] the split of the original Firewalls list to Firewalls and
> FW-Wizards because there were too many messages about firewall solutions
> configurations...
>
> BTW, does the original Firewalls list still exist?
When I last looked I couldn't find it at ISC, where it'd eventually
moved to.
I've tried to balance operational questions with the few theoretical
ones there are and the occasional rant thread.
> [1] Yes, I'm a very long time lurker!
Once again, I'd like to publicly state that if you want to see
interesting threads on the list, you have to de-lurk and start some. If
nothing else, it'd change the Pix/Interesting ratio...
Paul
--
President and Chairman, FluidIT Group
Moderator, Firewall-Wizards. Editor, Network Firewall FAQ
Art: http://PaulDRobertson.imagekind.com/
------------------------------
Message: 3
Date: Tue, 14 Apr 2009 08:47:45 -0700
From: "Kaas, David D" <David_D_Kaas@RL.gov>
Subject: [fw-wiz] SCADA
To: "'Firewall Wizards Security Mailing List'"
<firewall-wizards@listserv.cybertrust.com>
Message-ID:
<F4561CBF4FBBF240BEF1370289612DDA4E18C3C993@EMDB01-1.rl.gov>
Content-Type: text/plain; charset="us-ascii"
We have a few SCADA and process control networks firewalled from our corporate network which is connected to the Internet. Or policy has been to lock these down to a few specific IP addresses and secure ports and only to/from our corporate network. We have some owners of these networks that would like the firewalls to be more open. Their initial requests are to be able to manage these networks from the Internet (from home), to be able to retrieve Microsoft patches and virus signatures and to do MS file sharing to our corporate network. We currently have these services (patching and virus signatures) available on the corporate network but they believe it would be easier and simpler to retrieve them separately.
How do you answer this without just saying NO?
Thank you,
Dave
------------------------------
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
End of firewall-wizards Digest, Vol 36, Issue 16
************************************************
No comments:
Post a Comment