Firewall Wizards mailing list archives
Reactive Firewalls
From: Aleph One <aleph1 () dfw dfw net>
Date: Mon, 9 Feb 1998 21:10:38 -0600 (CST)
On Mon, 9 Feb 1998, Stout, William wrote:
I like Cisco routers, but NSC borderguard routers respond to Wheelgroup IDS software (Borderware, Borderguard) and they also have R-R VPN capability (data 'sleeves').
Reactive firewalls are one of the worths ideas yet. You are taking automated actions based on non-authenticated possible bogus data. That is a formular for disaster. Read the recent (release today) Secure Network paper on IDS's and their flaws for some reasons why this is so.
Bill Stout
Aleph One / aleph1 () dfw net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Current thread:
- High Performance Firewall solution? Aaron D. Turner (Feb 02)
- Re: High Performance Firewall solution? Bennett Todd (Feb 03)
- Re: High Performance Firewall solution? Aaron D. Turner (Feb 03)
- <Possible follow-ups>
- RE: High Performance Firewall solution? Stout, William (Feb 09)
- RE: High Performance Firewall solution? Aaron D. Turner (Feb 09)
- Reactive Firewalls Aleph One (Feb 09)
- Re: Reactive Firewalls Rick Smith (Feb 11)
- RE: High Performance Firewall solution? Stout, William (Feb 10)
- RE: High Performance Firewall solution? Aaron D. Turner (Feb 11)
- RE: High Performance Firewall solution? Stout, William (Feb 14)
- Re: High Performance Firewall solution? Bennett Todd (Feb 03)