Search This Blog

Monday, May 17, 2010

firewall-wizards Digest, Vol 49, Issue 8

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: Firewall best practices (ArkanoiD)
2. Re: a cutting-edge open-source network security project
(travis+ml-firewalls@subspacefield.org)


----------------------------------------------------------------------

Message: 1
Date: Sat, 15 May 2010 00:43:06 +0400
From: ArkanoiD <ark@eltex.net>
Subject: Re: [fw-wiz] Firewall best practices
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Cc: mjr@ranum.com
Message-ID: <20100514204305.GA31867@eltex.net>
Content-Type: text/plain; charset=koi8-r

Well, maybe it's time to implement something like that in opensource?
Say, "smart redirector" for pf/iptables that diverts connection to specific
application proxy? I remember i was against the idea of transparent proxying
itself, and it is now proved i was wrong (and actually it was pretty obvious
back then as well that mobile users need transparent access as other ways
to keep configuration unified are too complicated for average administrator,
so it was just my blind spot). So, though i still doubt protocol heuristics
are good, there is definitely some demand.

Any sponsors or just technologies to steal? ;-)

On Mon, May 10, 2010 at 06:39:00PM -0700, david@lang.hm wrote:
> someone mentioned elsewhere in this thread the Palo Alto boxes and their
> application based ruleset.
>
> It looks like Macafee is going very much down the same route with the
> Sidewinder firewalls with version 8 (announced last week, due to be
> released in June)
>
> Since it's not out yet, it's impossible to do a complete comparison of
> them, but it's worth keeping an eye on what happens.
>
> David Lang
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
> email protected and scanned by AdvascanTM - keeping email useful -
> www.advascan.com
>

------------------------------

Message: 2
Date: Fri, 7 May 2010 15:32:48 -0700
From: travis+ml-firewalls@subspacefield.org
Subject: Re: [fw-wiz] a cutting-edge open-source network security
project
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <20100507223248.GC32447@subspacefield.org>
Content-Type: text/plain; charset="us-ascii"

On Thu, May 06, 2010 at 07:13:38PM +0400, ArkanoiD wrote:
> Have you seen IDR? It provides (basically, it is one of its core functions) a way
> to distribute filtering rules via BGP, mitigating network attacks as close to the source as
> possible.
>
> On Wed, May 05, 2010 at 11:39:40PM -0500, Frank Knobbe wrote:
> >
> > BTW: I'm starting a block-peering project for the exchange of hostile IP
> > block information. If you are interested in exchanging hostile IP
> > information, contact me off-list.

Given the relative success of blacklists with UBE, this seems like an obvious
tactic to apply to network security generally. Could potentially respond
quickly enough to protect against certain worm attacks as well.
--
A Weapon of Mass Construction
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email john@subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20100507/49036d39/attachment-0001.pgp>

------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 49, Issue 8
***********************************************

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)