Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com
To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com
You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."
Today's Topics:
1. Re: firewall-wizards Digest, Vol 64, Issue 3 phishing
(Stephen P. Berry)
----------------------------------------------------------------------
Message: 1
Date: Thu, 11 Apr 2013 11:46:09 -0700
From: "Stephen P. Berry" <spb@meshuggeneh.net>
Subject: Re: [fw-wiz] firewall-wizards Digest, Vol 64, Issue 3
phishing
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <20130411184609.DFBC123CA62@ushiro.meshuggeneh.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
John Michealson writes:
>Check Point's gateway based AV went cloud based last fall. It has over 6M
>signatures. They also have AntiBot, which has hundreds of millions of IP
>and hosts classified. They are reclassifying 50k sites/hosts a day with
>their ThreatCloud, and ThreatEmulation is in EA. Their Application Control
>has 4900 apps defined locally and 300K in the cloud. Combined with
>education these are very effective tools.
Perhaps I just have a bad attitude, but I'm imagining a ship with a
great jagged hole below the water line and a very high output bilge
pump that's almost but not quite keeping up with the flooding. The ship
doesn't sink -immediately-, and hey that is a pretty impressive pump. But
I'm not sure that I'd say that the pump is a very effective tool, because
the task I'm actually concerned with isn't---or, I would argue shouldn't
be---pumping water out, which the pump does quite well, but rather with
keeping the ship seaworthy by keeping the water from getting in in the
first place, and the pump doesn't do that at all.
I'm not trying to badmouth Checkpoint here. I'm sure their product is
wonderful for what it is. But I find it distressing how comfortable
we've become with living with network architectures that are perpetually
in a state of failure. That are designed failed. You speak in glowing words
of the monumental efforts expended by Checkpoint. But while I can admire
all that hard work, when I see as system that -needs- this sort of heroic
effort -on an ongoing basis- just to continue functioning, I see a system
that is fundamentally broken.
- -spb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEVAwUBUWcEsR+T8Ptkg9h9AQI4swf/SAXPVaI8DXdOZ7OaUpcBUe6t2Y6ZQCGX
9VB0F2/3pyTWWdcVNUcDMVAiasgF1Pc/uHEhGFbFJNB13ubiUDsvQmjwJMkhN5fk
GRT1eJLQrwSjAhzpwnQxTnQQQxwGBlaCb9Lo3db/PMZcxwFaYjzWncthZ6tX9YW5
IOD1Th0fvOEEJvtl+imqYanWUC2HXFJPP+F2f8eswOv2EI80C38EnTd/+Bn6vRcW
PkCKJO3RCwRjdDACIlS/bx4aMrt36M/bbGgF+mRtn3NNNHqeGkMQV490b8pvRlxM
DfeH/RAdUdOMQ7PVRCJAEKreI268ywabltzOya5MPBhY3RjRgJeBJQ==
=JaqR
-----END PGP SIGNATURE-----
------------------------------
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
End of firewall-wizards Digest, Vol 64, Issue 5
***********************************************
No comments:
Post a Comment