> -----Original Message-----
> From: Graham Wheeler [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 15, 2000 12:45 AM
> To: Ronneil Camara
> Cc: '[EMAIL PROTECTED]'
> Subject: Re: hacking the system
>
>
> Mikael Olsson wrote:
> >
> > Ronneil Camara wrote:
> > >
> > > Hi everyone. We'll be starting the pre-staging of our
> project next week. I
> > > was tasked to test the effectiveness of the IBM Firewall
> for AIX. So what
> > > tools can you suggest to test against this IBM firewall?
> >
> > I'll be blunt here. If you need to ask that question, you aren't the
> > right guy to test the effectiveness of the firewall. Sure, you can
> > use nmap to test what would happen if someone does a
> more-or-less plain
> > connect() through the firewall. But unfortunately, there is a great
> > deal more to testing if a firewall is "good enough".
>
> I agree with Mikael - but of course even if you aren't the `right guy'
> to test the firewall, you may be the `only guy' available (unless you
> want to outsource this, which could be very costly - although not
> necessarily more costly than fluffing it).
Yeah, I'm the only guy here who knows a little with firewalls. I would
really want to do it also because I want to learn how experts (like you
guys) do it. For sure, you also started as a newbie.
>
> Anyway, assuming that you will be doing the job, I suggest you take a
> look at nessus (www.nessus.org) as well; nmap is a port scanner (and a
> good one at that), but it isn't intended to be a security
> scanner, which
> nessus is. It's a starting point, at least.
Anyways, I am very grateful to you guys because you have given me ways to
straigten up my path towards learning the right curve. Again, this mailing
is totally cool. :->
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
