Re: CRIME A couple questions...

From: Seth Arnold (sarnold@private)
Date: Wed Nov 13 2002 - 14:13:05 PST

  • Next message: Tom_Staskiewicz@private: "CRIME Crime meeting"

    On Wed, Nov 13, 2002 at 11:39:37AM -0800, Todd Ellner wrote:
    
    [nice ^Ms throughout the email...]
    
    > 1) A couple of the Windows machines have been getting annoying popup spams.
    > As near as we can tell it's not a Trojan program installed on the boxes. Not
    > a mail message. Not an Instant Messenger thing. Not a web browser. Looks
    > more like a regular dialog box. The Microsoft knowledge base was kind of
    > cryptic. 
    
    I've heard there is a nice new ActiveX control put together by a porno
    outfit that pops up porn adverts when it feels the time is appropriate.
    I imagine most virus scanners should find it.
    
    > 2) The first real version of the company's product has to be a little more
    > flexible in terms of "classes of things the administrator can allow users to
    > do". Are there some good books or net resources on formally defining
    > security policies?
    
    The Common Criteria are frequently cited. I've not read them, but it
    might be an interesting starting point.
    
    > 3) Checkpoint? SonicWall? Something else that provides good value for the
    > money for a small enterprise? Or should I just fall back on Old Reliable (
    > Building Internet Firewalls 2nd Edition")?
    
    Me, I really like pf from OpenBSD. Lots of people swear by IPTables.
    ipfw (freebsd) and ipf (from darren reed, available for many unixish
    systems) are also popular choices. Most of these are free or very cheap,
    depending on how you get your media. :) Well, they do cost administrator
    time to learn and configure that some of the nice pretty gui firewall
    configuration wizards might help mitigate some... Oh yeah, and I've never
    used pf on a link with more than 1mBps bandwidth -- using a standard
    cheap PC might not scale to however much bandwidth you've got.
    
    
    
    -- 
    "A mouse can be just as dangerous as a bullet or a bomb."
    -- US Representative Lamar Smith (R-Texas)
    
    
    



    This archive was generated by hypermail 2b30 : Wed Nov 13 2002 - 14:33:30 PST