Re: [FW1] Hardening of OS
His comments about the interaction are true. I guess he assumes that you are doing inbound or eitherbound inspection :)

So what happens when the ruleset is not perfect? What about during the boot process? What about if FW1 crashes? What if somebody leaves a terminal logged in? What about during the install process? What if somebody manages to figure out a management ip/range? What happens if your workstation gets compromised?

Even if you assume that FW1 will protect it fully, then what happens during the boot? If you have remote firewalls and you set them to not forward packets during boot, then you better be able to get someone on the console if the policy d/l or boot process fails.

I'd go as far as only allowing console access if possible. SSH2 and not telnet should be a no-brainer, VPN or not.

I'd take the time if I were you. But then, I'm worried about Van Eck phreaking, so that gives you some context.

Cheers,
Craig

----- Original Message -----
From: "Brian Tan Wee Beng" <[email protected]>
To: <[email protected]>
Sent: Sunday, March 18, 2001 4:40 AM
Subject: [FW1] Hardening of OS

> hi...
> I was having a discussion with an engineer on hardening the OS and he says
> that actually there's not a need to harden it since the inspection module is
> sitting on the kernel level. This means that all packets will be processed by
> the module before they reach the OS. If the packets do not pass inspection,
> they are either dropped or rejected according to the rule base. So is it
> true???
>
> Cheers
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================