The Weakest Link...This Is Not a Game!
The question is not "IF" you are ever attacked and infected, the question is "WHEN". On this note, the subject of firewalls comes into play. Once again, the Weakest Link believes that the safety and well being of their data of which they have so willingly typed into the computer is safe and totally impenetrable. Firewalls, like computers, come in all different sizes and values.
Read the Article
|
Hardening Bastion Hosts
Discusses how by adding Hardening Bastion Hosts to your Defense in Depth strategy, you can slow an attackers progress and protect the confidentiality, integrity and availability of your private network.
Read the Article
|
Auditing Firewalls: A Practical Guide
This discussion will be focused on the internal audit; so far regulatory organizations, under whose purview external financial audits are generally performed, have not taken up computer security.
Read the Article
|
Utilizing Static Packet Filters to Enhance Network Security
Many network installations today consist of a firewall to provide security between the increasing hostile environment of the Internet and the corporate network. This paper examines utilizing Access Control Lists to implement static packet filters at a network perimeter to enhance security in any sized network. An examination of NSA recommended filters will be performed, potential weaknesses discussed, enhancements conceived, and the effects of these filters upon the devices they are placed. Additional ideas will include enhancements to Cisco routers that are available to provide further security.
Read the Article
|
Firewall-1 NG Rules to Allow VRRP Traffic
Exactly what rules do you need to have to keep VRRP working on a Nokia Checkpoint firewall? Mitchell Rowton provides a list of rules to allow VRRP traffic.
Read the Article
|
Smoothwall, MySQL and Kiwi Syslog Daemon: Cost Effective Firewall and Logging with Database and Analysis
This paper intends to identify a package of applications that, properly configured, will provide a firewall with syslog output to a database for queries, ready for analysis and archiving, all on inexpensive hardware at a cost less than $500.
Read the Article
|
The Perils of Deep Packet Inspection
This paper looks at the evolution of firewall technology towards Deep Packet Inspection, and then discusses some of the security issues with this evolving technology.
Read the Article
|
Software Firewalls versus Wormhole Tunnels
Hardware and software firewalls promise to protect your system and your network from the dangers of the Internet, but how well do they really fare against cutting-edge attacks? This article presents some of the major differences between hardware and software firewalls and illustrates the real challenges faced by software firewall vendors.
Read the Article
|
Centralized Tracking and Risk Analysis of 3rd Party Firewall Connections
In GIAC Enterprises, security leaders and auditors prioritized the need for individual business units to validate their existing external firewall connections. The goal of this case study was to simplify the firewall ruleset validation process by creating a central database of rulesets that enables reporting on existing vendor connections. The overall impact included compliance with auditing requirements, a more robust risk assessment of firewall rulesets, and centralized visibility bringing about management response.
Read the Article
|
