[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] software of intrusion detection

To: "'[email protected]'" <[email protected]>, "'FW-1 Mail List'" <[email protected]>
Subject: RE: [FW1] software of intrusion detection
From: "Stafford, Todd" <[email protected]>
Date: Thu, 3 May 2001 08:33:04 -0700
Sender: [email protected]


I'm not familiar of any that can automatically place rules in FW-1 but there
are several good analyzers out there for FW-1 logs.  Most of these analyzers
can be found at www.opsec.com.  My question would be why do you want one
that will automatically add rules to your rule-set as that can be
inheriantly dangerous.  It is entirely feasible that your analyzer could add
a rule which could not only disrupt a service that you need to have but
could also potentially lock you out of the firewall.  Remember, setting up
an effective rulebase not only requires properly created rules but just as
importantly requires that those rules be placed in the rule-set in the
proper order.  This last step is something that only an experienced HUMAN
can do....not a script.

Thank you,
Noel T. Stafford
CCSA, CCSE, CCFE
Network Engineer
IT - Data Communications Group
Western Wireless Corporation
[email protected]


-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Sunday, April 29, 2001 6:19 AM
To: fw1
Cc: GUAYROSO Xavier; MARTIN Jerome
Subject: [FW1] software of intrusion detection



Hello,  
I search for a software of intrusion detection.Can analyze the FW1S logs
and as capable so possible to put rules in automatic if the FW1  
Cordially.


-- 
Polomack Cedric - VPN Engineer
Cable & Wireless France  - http://www.cw.com/fr
Email: [email protected]
Phone:     +33 1 43 13 68 00    Fax:   +33 1 43 13 68 68


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Problem with Websense & Checkpoint
Next by Date: [FW1] DNS-requests
Prev by thread: Re: [FW1] software of intrusion detection
Next by thread: [FW1] RE:
Index(es):
- Date
- Thread