Fred Avolio's Musings


Wed, 18 Jun 2008
New Firewall Technology? Maybe.

I read "Startup Launches New Firewall Line," posted by Andrew Conry-Murray. He claimed it was innovative. It sounded to me like an application gateway firewall from the mid-90s, only faster.

I asked him about it, and he replied, "It's not an application gateway... it's not proxying the applications. The company uses signatures to identify applications rather than try to recreate every app that admins want to allow through." In a traditional application gateway firewall, proxy software that mimics various application servers (usually in a secure fashion) provides the security. He pointed me to "From The Labs: Palo Alto's Firewall Appliance."

So, instead of writing proxy software for "550 applications," Palo Alto has "a signature-based system that allows for matching network traffic against a database of more than 550 applications."

It does sound innovative. Check it out and see if you agree.
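
The contrast quoted above, as an added example that is not from the original post or from Palo Alto's product: instead of terminating each protocol in a proxy, the first payload bytes of a flow are matched against a signature database and policy is applied per application, whatever the port. The signature patterns, the policy, and the sample flows are constructed for illustration.

```python
import re

# Constructed signature database: application name -> pattern matched against
# the first client-to-server payload bytes of a flow (illustrative, not a product's).
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),
    # TLS record: type 0x16 (handshake), version 3.x, 2 length bytes, ClientHello (0x01)
    ("tls", re.compile(rb"^\x16\x03[\x00-\x04]..\x01", re.DOTALL)),
    ("http", re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")),
    ("smtp", re.compile(rb"^(EHLO|HELO) \S+\r\n")),
]

ALLOWED_APPS = {"http", "tls"}           # hypothetical per-application policy
PORT_GUESS = {80: "http", 443: "tls"}    # what a port-only filter would assume


def identify(payload):
    """Return the first application whose signature matches, else 'unknown'."""
    for app, pattern in SIGNATURES:
        if pattern.match(payload):
            return app
    return "unknown"


def decide(dst_port, payload):
    """Return (port-based guess, signature-identified app, verdict) for one flow."""
    app = identify(payload)
    verdict = "allow" if app in ALLOWED_APPS else "deny"
    return PORT_GUESS.get(dst_port, "unknown"), app, verdict


# Constructed sample flows: (destination port, first payload bytes)
SAMPLE_FLOWS = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (443, b"\x16\x03\x01\x00\x2e\x01\x00\x00\x2a\x03\x03"),
    (443, b"SSH-2.0-OpenSSH_9.6\r\n"),   # SSH on the HTTPS port
    (80, b"\x00\x01opaque-binary"),      # matches no signature
]

if __name__ == "__main__":
    for port, payload in SAMPLE_FLOWS:
        guess, app, verdict = decide(port, payload)
        print(f"port {port}: port-guess={guess} identified={app} -> {verdict}")
```

The third flow is the case a port-only rule gets wrong: it arrives on 443 but is identified as SSH and denied, and anything matching no signature is denied by default.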


Router Rooter

I've praised Radio Free Security, WatchGuard's security podcast, before. The June offering included Dave Piscitello on how to "Prevent Domain Hijacking." The basic idea is that "Router-based rootkit shows some old attacks are new again." It reminded me of a column I did for WatchGuard in 2002! As Scott Pinzon writes on their blog page:

Attacks on routers are not new. Before Trojan horse and virus attacks became so devilishly easy to launch, attacks against the basic protocols in the Internet were accomplished through routers and their undying and exact support of those protocols, built-in weaknesses and all. And if you appreciate that last sentence, you may want to read the article that I stole it from. Fred Avolio's concise steps toward "Basic IP Router Security" was written in 2002, yet … every word is still useful today. If you were ordered to harden your routers, would you know what that means, and more importantly, what to do? Check out Fred's article, which is suitable no matter what brand of router you use. Then, for extra credit, take a look at the Cisco paper, "Guide to Harden Cisco IOS Devices."
