----- Original Message ----- From: Vachon, Scott <[EMAIL PROTECTED]> > > Well, if everyone is following the rules then we can say the private IPs are > not "publicly" routable. Although a router mis-configuration could cause > this to not hold true. Thankfully most folks don't have this problem. You > stated you are using filtering but, are you using a separate firewall as > well ? My experience has found that a multi-layer approach is better. I > prefer to utilize firewalls, access-lists, and VLANs to limit and > sectionalize traffic into and out of, my private networks. I also ensure > that I turn off all services that are not necessary for business. And of > course, patch,patch,patch. > You can't 100% lock down your network. Your goal should be to make it > painfully time consuming and difficult for someone to hack in. I think you > will find that most of the riff-raff out there likes to follow the path of > least resistance and will pass by a hardened target. O.K, it seems that I will have to go with multi-layered system. One security expert once told me that the only way to be absolutely secure is to simply sever the line! James _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
