| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
CheckPoint
|
|
IPfilters
|
|
IPtables
|
|
PIX
|
|
Smoothwall, MySQL and Kiwi Syslog Daemon: Cost Effective Firewall and Logging with Database and Analysis This paper intends to identify a package of applications that, properly configured, will provide a firewall with syslog output to a database for queries, ready for analysis and archiving, all on inexpensive hardware at a cost less than $500.
Russell McRee,
01/21/2005
|
|
Auditing Firewalls: A Practical Guide This discussion will be focused on the internal audit; so far regulatory organizations, under whose purview external financial audits are generally performed, have not taken up computer security.
By Bennett Todd , 06/11/2004
|
|
Hardening Bastion Hosts Discusses how by adding Hardening Bastion Hosts to your Defense in Depth strategy, you can slow an attackers progress and protect the confidentiality, integrity and availability of your private network.
By Todd Jenkins, 04/30/2004
|
|
The Weakest Link...This Is Not a Game! The question is not "IF" you are ever attacked and infected, the question is "WHEN". On this note, the subject of firewalls comes into play. Once again, the Weakest Link believes that the safety and well being of their data of which they have so willingly typed into the computer is safe and totally impenetrable. Firewalls, like computers, come in all different sizes and values.
By Jack Daniels, 04/30/2004
|
|
Change Control Process for Firewalls A critical but frequently glossed over part of security practice is Change Control (CC). This is the process of implementing change while controlling its environmental impacts. This paper covers the fundamentals of Change Control and Procedures as it applies to the management of Firewalls. Using careful process and planning it is possible to reduce risks associated with changes thereby minimizing the likelihood of detrimental impacts on business operations.
By Paul Maschak, 04/23/2004
|
|
Securing Systems with Host-Based Firewalls - Implemented With SunScreen This article discusses how host-based firewalls can be an effective alternative to choke-point based firewalls to provide an additional layer of security in an environment.
By Martin Englund, 04/14/2004
|
|
The Firewall has been Installed, Now What? Developing a Local Firewall Security Policy Given the responsibility of configuring firewalls for a departmental network, I discovered that a local firewall security policy had not been written. This paper details the process I used to draft a perimeter device security policy for these firewalls. The firewall policy at the end of this document completes the policy draft process. The information gathered to draft a local firewall policy also lead to the creation of a PIX Firewall Security Services and Requirements matrix. This matrix maps HIPAA and local security requirements to the security technology solutions provided by the PIX firewall.
By Richard Walker, 04/08/2004
|
|
What is Egress Filtering and How Can I Implement It? This paper discusses the benefits of performing egress filtering on each of your border routers. As we will see, egress filtering is not only beneficial to your own network, but to the rest of the Internet as well. This is because egress filtering makes your network far less appealing to attackers who are trolling for potential relay sites. What is Egress Filtering? To discuss egress filtering, let's start by mapping the flow of traffic for a typical site which is connected to the Internet. This is shown in Figure 1. Note that we have an internal network as well as a service network which are protected by a firewall. All outbound connection attempts pass through the firewall and the border router on their way to the Internet.
By Chris Brenton, 04/05/2004
|
|
Private Internet Exchange: The Fastest Firewall in the World? There are now numerous amounts of firewalls available in today's market with a wide array of speeds, strengths and weaknesses. The limitations are based on an engineers ability to decern the needs of the client and or model and provide the correct product choice, followed by proper deployment, configuration and management. Without proper implementation, maintenance and follow-up no firewall is invincible.
By Unknown, 04/05/2004
|
|
Using open source to create a cohesive firewall/IDS system. Defense in Depth is a basic concept, wherein the defender seeks to apply designated, concentric layers of defense in an effort to detect and deter an enemy. Attackers are faced with breaking through or bypassing each layer without being detected, a difficult task. Another benefit is that a flaw in one layer can be covered by other layers, thus mitigating a mistake in the implementation of a particular layer of defense. There are many components that make up the defensive layers: ip firewalling, tcp wrappers, application access control, intrusion detection, encryption and many more. In this paper I will be discussing what are arguably the two main components of the layered defense, a firewall and intrusion detection system. More importantly I will show how to use existing open source technologies to combine these into a comprehensive whole that, while not providing a total solution, can go a long way in fulfilling the defense in depth strategy.
By Thomas Dager, 04/05/2004
|
|
Page: 1 2345 |
