Friday, January 15, 2010

firewall-wizards Digest, Vol 45, Issue 6

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. responsible disclosure debate renews; (R. DuFresne)
2. Performance question Drop or Reject (Jason Lewis)


----------------------------------------------------------------------

Message: 1
Date: Thu, 14 Jan 2010 13:09:50 -0500 (EST)
From: "R. DuFresne" <dufresne@sysinfo.com>
Subject: [fw-wiz] responsible disclosure debate renews;
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID: <Pine.LNX.4.64.1001141307500.18031@darkstar.sysinfo.com>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

January 12, The Register - (International) Frustrated bug hunters to
expose a flaw a day for a month. A Russian security firm has pledged to
release details of previously undisclosed flaws in enterprise
applications it has discovered every day for the remainder of January.
Intevydis intends to publish advisories on zero-day vulnerabilities in
products such as Zeus Web Server, MySQL, Lotus Domino and Informix and
Novell eDirectory between January 11 and February 1, a security blogger
reports. As an opener, Intevydis published a crash bug in
Sun Directory Server 7.0, along with exploit code. The final line-up of
zero-days is still being finalised, but the MySQL buffer overflows and IBM
DB2 root vulnerability flaws on the provisional menu sound much tastier than
Intevydis's somewhat bland opener. Advisories are due to be published on
the Intevydis blog here. Intevydis said it launched its campaign after
becoming more and more disillusioned with foot-dragging by vendors when
confronted by security flaws in their products. Only one software vendor,
Zeus, reportedly worked with Intevydis in developing a patch to be
released at the same time as an upcoming advisory from the Russian
security firm. Intevydis's stance is likely to reboot the long-running
debate about the responsible disclosure of security vulnerabilities. An
entry on the Intevydis blog accuses software vendors of exploiting researchers
as unpaid lackeys. Source:
http://www.theregister.co.uk/2010/01/12/enterprise_sec_disclosure_campaign/

Thanks,

Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

These things happened. They were glorious and they changed the world...,
and then we fucked up the endgame. --Charlie Wilson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFLT13xst+vzJSwZikRAk4gAKC7HgmDU3EEi6hJp9UawA8NUiF6AQCfcsRb
Vb0sQMx+r/rznTBr1ywsR/k=
=mIJ3
-----END PGP SIGNATURE-----


------------------------------

Message: 2
Date: Wed, 13 Jan 2010 22:10:07 -0500
From: Jason Lewis <jlewis@packetnexus.com>
Subject: [fw-wiz] Performance question Drop or Reject
To: firewall-wizards@listserv.icsalabs.com
Message-ID:
<554140e81001131910s678ccb0bl1a599de966ae8dff@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

I searched the archives for discussions on the performance implications of
Drop/Deny or Reject rules, but only found discussions of how much
information is revealed.

Is there any performance difference between Drop/Deny and Reject rules?
IDK if it's relevant, but I'm using iptables. If there isn't a performance
hit between the two rules, is there anything else that might steer me
towards picking one over the other?

jas

------------------------------



End of firewall-wizards Digest, Vol 45, Issue 6
***********************************************
