Send firewall-wizards mailing list submissions to
firewall-wizards@honor.icsalabs.com
To subscribe or unsubscribe via the World Wide Web, visit
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@honor.icsalabs.com
You can reach the person managing the list at
firewall-wizards-admin@honor.icsalabs.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."
Today's Topics:
1. Firewall Log Management Security (dave kleiman)
2. using VLANs om PIX (Bob Kryger)
3. RE: The home user problem returns (Stewart, John)
4. Re: The home user problem returns (Marcus J. Ranum)
5. Re: The home user problem returns (Paul D. Robertson)
--__--__--
Message: 1
From: "dave kleiman" <dave@isecureu.com>
To: <firewall-wizards@honor.icsalabs.com>
Cc: "'Gary Byrne'" <Gary@Syngress.com>
Date: Wed, 28 Sep 2005 17:54:15 -0400
Subject: [fw-wiz] Firewall Log Management Security
Syngress is looking for an author to write the Firewall reporting chapter in
their new book "Security Log Management: Identifying Patterns in the Chaos".
If you have expertise in the areas below please contact Gary Byrne at
Syngress CC'd above.
Chapter 3 - Firewall reporting
Subject matter such as:
Cisco ACL logs parsing for geo-location information.
Netscreen Firewall parsing for performance information.
Regards,
__________________________________________________
Dave Kleiman, CAS,CIFI,CISM,CISSP,ISSAP,ISSMP,MCSE
www.SecurityBreachResponse.com
�
--__--__--
Message: 2
Date: Fri, 30 Sep 2005 17:15:49 -0400
From: Bob Kryger <bobk@panix.com>
To: firewall-wizards@honor.icsalabs.com
Subject: [fw-wiz] using VLANs om PIX
I'm about to go there. It looks straight forward enough.
Any wisdom/best practices/gotchas?
TIA
Bob
--__--__--
Message: 3
From: "Stewart, John" <johns@artesyncp.com>
To: 'Brian Loe' <knobdy@stjoelive.com>,
tbird@precision-guesswork.com,
'Elizabeth Zwicky' <zwicky@greatcircle.com>
Cc: "'R. DuFresne'" <dufresne@sysinfo.com>,
'Mason Schmitt' <mason@schmitt.ca>,
"'Marcus J. Ranum'" <mjr@ranum.com>,
firewall-wizards@honor.icsalabs.com
Subject: RE: [fw-wiz] The home user problem returns
Date: Wed, 5 Oct 2005 12:32:56 -0500
> I did this at the company before the last one, simply using
> tools provided with XP Pro and AD and a little common sense
> - eliminating 90% of the tickets the "helpdesk" was getting
> (company of 300 does NOT need a helpdesk).
Perhaps you think of something different than I do when I read "helpdesk",
but IMHO a company with 300 people certainly DOES need a way to track user
requests for help, and what was done to help them. That can mean software,
or a set of procedures and a shared mailbox, but to not have any formal way
of tracking user issues in an organization of over a dozen or so folks is
insanity.
johnS
--__--__--
Message: 4
Date: Wed, 05 Oct 2005 13:36:32 -0400
To: dave@corecom.com, tbird@precision-guesswork.com
From: "Marcus J. Ranum" <mjr@ranum.com>
Subject: Re: [fw-wiz] The home user problem returns
Cc: Elizabeth Zwicky <zwicky@greatcircle.com>,
"'R. DuFresne'" <dufresne@sysinfo.com>,
'Mason Schmitt' <mason@schmitt.ca>,
firewall-wizards@honor.icsalabs.com
Dave Piscitello wrote:
>If organizations offered tangible (monetary) rewards to incent users to comply with security policy, I suspect you'd see improvements. The model I proposed is similar to performance objectives - set goals, and reward employees with $ at the end of a performance period based on the results of a security audit. I call this the "reverse Cadbury chocolate" premise. Simply put, if people will sell their passwords for a $3 candy bar, will employees
That's a great idea!!! Offer everyone $5k/year less than you normally would
pay them, and give them a $5k bonus at the end of the year if they show
that they've been a "good security camper"!
...and the bean counters would love it because if employees terminated
before the bonus, they just penalized themselves (and saved the company)
$5k! :)
mjr.
--__--__--
Message: 5
Date: Wed, 5 Oct 2005 14:53:54 -0400 (EDT)
From: "Paul D. Robertson" <paul@compuwar.net>
To: "Marcus J. Ranum" <mjr@ranum.com>
Cc: dave@corecom.com, <tbird@precision-guesswork.com>,
Elizabeth Zwicky <zwicky@greatcircle.com>,
"'R. DuFresne'" <dufresne@sysinfo.com>,
'Mason Schmitt' <mason@schmitt.ca>,
<firewall-wizards@honor.icsalabs.com>
Subject: Re: [fw-wiz] The home user problem returns
On Wed, 5 Oct 2005, Marcus J. Ranum wrote:
> That's a great idea!!! Offer everyone $5k/year less than you normally would
> pay them, and give them a $5k bonus at the end of the year if they show
> that they've been a "good security camper"!
> ...and the bean counters would love it because if employees terminated
> before the bonus, they just penalized themselves (and saved the company)
> $5k! :)
Then you could ROI the IT department by sending everyone a carefully
engineered EICAR file...
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@compuwar.net which may have no basis whatsoever in fact."
--__--__--
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
End of firewall-wizards Digest
No comments:
Post a Comment