Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Firewall technology

from [Mark Brunner] Network Security [Permanent Link]
Subject: RE: Firewall technology
Date: Thu, 29 Dec 2005 19:47:44 -0500 
I am not a professional Security Consultant, although I do play one in real
life.  -= LOL =-

You need to consider a few factors when considering the need for a firewall,
or any other security implementation.
First, I wouldn't connect my home PC to the Internet without a firewall of
some sort.  (Actually, I have, to substantiate the claims that I was hearing
about being hacked in 30 minutes.  Took 15.)  The risks are real, and very
effective at bringing down small and large "game".

Do a little math exercise to figure out what your company's data is worth.
In fact, ask your boss to help you out!
    Bet you have a nice juicy customer list that a competitor would pay to
get their hands on.  How much?  (How much business do they give you annually
as a baseline?)
    What immediate project or development plans are lying around unguarded
on your network?  What are they worth?
    What personal employee information is stored on your company's network?
(Some social security numbers, maybe?  Mmmmm, Identity Theft...)
    What private customer information is stored on your LAN?  (Yummy,
Fraudulent Billing...)
    What financial information is stored on the network?  (Sweeeeet,
Embezzlement...)
    What are you currently doing to protect this information?  Is it
working?
    How can you tell that it is/isn't working?  (Oooooohhh, Audit...)
    Are you (or the company) prepared to accept the LIABILITY of this
information being accessed, shared, deleted, or tampered with?
    Are your customers prepared to accept this?  Are you doing due
diligence?
    Are you in a regulated industry?  (Most of us are now, it seems.)
    What is the value of the reputation of your company?
Compare the result with the cost of a firewall AND throw in an IDS while you
are at it!

A hardware firewall is affordable.  You get what you pay for, but you can
get one on the cheap.  You will pay for it in care and feeding time,
maintenance costs, etc.  A firewall can be as simple as an unused PC with a
couple of network cards, a $50 proxy filter and a $50 software firewall to
start with, but I would recommend pricing around for a "real" hardware
appliance.  Look at ALL of your options, and find the one that fits your
needs.  If a hardware firewall is still too costly, I'll bet you have a
router.  Do you have ACL's on the router to deal with security threats, and
restrict access?

A company that is run responsibly will quickly see the benefit of protecting
its assets by taking the MINIMAL modern precautions.  I wouldn't work long
for a company that didn't take its responsibilities to its employees,
partners, and customers interests seriously.  They tend not to stay in
business too long after the first or second serious breach.  Remember, the
company is NOT just a faceless organization.  It is the sweat, the dreams,
the hopes, the future and the efforts of the individuals around you that you
are protecting.  You can fly under the radar, cross your fingers, and hope
for the best, or grab the steering wheel and control the ride!

Cheers!
Mark
  -----Original Message-----
  From: coder [mailto:elite.coder@ntlworld.com]
  Sent: Thursday, December 29, 2005 5:01 PM
  To: firewalls@securityfocus.com
  Subject: RE: Firewall technology


  Ok, so there are solutions that already exist, but how good are they fore
small companies with limited financial resources?
  I myself am a network admin, the company I work for has about 20 PCs and 4
servers. The company really only has just enough to pay the wages each month
so an expensive firewall system is out of the question (I assume symantec,
checkpoint and zonealarm are all very expensive), also I do a lot of
application developement for them and sometimes write my own protocol for
client-server software.
  Also I am called out to build networks for other small companies with
limited financial resources. One thing I have noticed with the company I
work for and the other smaller companies is that they dont have a full time
net admin (and in some cases they dont have one at all), and as they dont
have Active Directory (the company I work for does, but the ones I build
networks for do not) or equivelent, there is a 100% possibility of them
getting some malware on their desktops.
  Im thinking for the thesis, I can say the current firewall technology is
time consuming to setup, expensive and requires a full-time network admin to
maintain the system. And I can then say that I shall develope a new firewall
system that is cheaper and does not require a full time admin to maintain.
  Does this sound reasonable?
  Thanks
  ~Davie Elliott
  -------- Original Message --------
  Hello everyone,

  I wanted to get the opinions of experts before I carry on with my project.
I
  am curently writting a thesis on the limitations of firewall technology,
  for now it seems that firewall technology for the gateway is pretty much
  covered. However, noone seems to have focused on firewall technology for
  clients (on big networks), home firewalls such as ZoneAlarm are useless
for
  a network with many PCs because it cant be managed centrally and it asks
the
  user if they want to create a new rule when somthing tries to get out.

  In my thesis I was going to say that these are the problems and the
  solutions was to write a firewall system that can be managed centrally
(via
  web interface), also for technical universities where students maybe
  writting network software and using their own protocols, I was going to
see
  if I could create some kind of "protocol creator" for admins. Originally
my
  thesis was going to be about security corporation sized networks, but in
my
  research I have come across a few other things.

  IEEE802.1x and IPSec can apparently replace client-side firewalls, I dont
  really know much about those two technologies, but I am still researching.
  If these two techologies are better than client-side firewalls and or cost
  less, I shall focus my thesis on small company networks (who cant afford
  good network technology or a full-time net admin).

  My thesis was going to be centered around the fact that machines within
huge
  networks get infected by malware and such, either by websites or via
  removable media, I am hoping that my firewall I idea would: stop sending
  keylogger and spyware details back to the "hacker" and stop viruses/worms
  spreading from the infected client.

  So, what client-side technologies do corporations use (if any)?
  Are there any limitations for IPSec and 802.1X?
  What are your opinions on what I was saying about client-side firewalls?

  Thank you for your answers,

  Davie Elliott.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Firewall technology, Volker Tanger
Next by Date:  Re: Firewall technology, Sean Krause
Previous by Thread:  Re: Firewall technology, Volker Tanger
Next by Thread:  RE: Firewall technology, Skyler King
Indexes:  [Date] [Thread] [Top] [All Lists]