On Wed, Nov 13, 2002 at 11:39:37AM -0800, Todd Ellner wrote: [nice ^Ms throughout the email...] > 1) A couple of the Windows machines have been getting annoying popup spams. > As near as we can tell it's not a Trojan program installed on the boxes. Not > a mail message. Not an Instant Messenger thing. Not a web browser. Looks > more like a regular dialog box. The Microsoft knowledge base was kind of > cryptic. I've heard there is a nice new ActiveX control put together by a porno outfit that pops up porn adverts when it feels the time is appropriate. I imagine most virus scanners should find it. > 2) The first real version of the company's product has to be a little more > flexible in terms of "classes of things the administrator can allow users to > do". Are there some good books or net resources on formally defining > security policies? The Common Criteria are frequently cited. I've not read them, but it might be an interesting starting point. > 3) Checkpoint? SonicWall? Something else that provides good value for the > money for a small enterprise? Or should I just fall back on Old Reliable ( > Building Internet Firewalls 2nd Edition")? Me, I really like pf from OpenBSD. Lots of people swear by IPTables. ipfw (freebsd) and ipf (from darren reed, available for many unixish systems) are also popular choices. Most of these are free or very cheap, depending on how you get your media. :) Well, they do cost administrator time to learn and configure that some of the nice pretty gui firewall configuration wizards might help mitigate some... Oh yeah, and I've never used pf on a link with more than 1mBps bandwidth -- using a standard cheap PC might not scale to however much bandwidth you've got. -- "A mouse can be just as dangerous as a bullet or a bomb." -- US Representative Lamar Smith (R-Texas)
This archive was generated by hypermail 2b30 : Wed Nov 13 2002 - 14:33:30 PST