What about making the default be "no inbound connections" and having a web interface where a customer can open ports if they find it necessary? The web page could guide them regarding which ports are necessary for which applications. Even if some folks just clicked "open everything" the bulk of the population would be protected.

I'm not sure what to say about the problems with router performance. Other access control implementations could probably be designed to improve the efficiency of this process using (better?) hardware support for the filtering function.

--
Gary Flynn
Security Engineer - Technical Services
James Madison University
This archive was generated by hypermail 2b30 : Fri May 23 2003 - 10:24:07 PDT