Horst Herb wrote:
On Tuesday 19 September 2006 09:43, Andrew Cameron wrote:
I use
www.grc.com
Then follow links to Sheilds-up as a starting point. Check all service
ports.
And yes some ports may be open for intrusion detection if your firewall has
it.(like snapgears, but you can turn it off)
This does *not* test your firwall. All it does is list ports that can be seen
as "open".
A system that interacts in any meaningful way with other systems via the net
must have some ports visibly open, and that in itself is *not* a security
risk. But that check can help to detect ports that have been left open
unintentionally, so it is worthwhile.
A good firewall will help to police that traffic through open ports is
legitimate - in order to test the firewall you need to stand *behind* it (not
in front of it) and catch & report what comes through that shouldn't have -
testing it from the outside is merely the first step you should perform
before you connect your system to an untrusted network. After that, the real
monitoring (constant, several times every day) begins - from within. *That's*
the checking that is necessary
Horst,
you make some very clear points here, and you are very correct.
When I used Smoothwall it's logs were indeed checkable in the way you
describe. I did check them from time to time, but the key is having the
capacity to understand what the logs are telling you. Most end-users,
including GPs, don't possess this skills, nor the time.
In large, security-conscious organisations, regular checking of firewall
logs is standard practice, but I doubt that it is done elsewhere, except
by highly-skilled users such as yourself.
What this means in terms of having 'real' security when using the
Internet, and how it could be achieved for most practices, could be the
substance of another debate.
The GPCG firewall guidelines go a long way towards aiding end-users, and
have proved useful to me in convincing GPs that they need to do more to
secure their access.
Greg
--
Greg Twyford
Information Management & Technology Program Officer
Canterbury Division of General Practice
E-mail: [EMAIL PROTECTED]
Ph.: 02 9787 9033
Fax: 02 9787 9200
PRIVATE & CONFIDENTIAL
***********************************************************************
The information contained in this e-mail and their attached files,
including replies and forwarded copies, are confidential and intended
solely for the addressee(s) and may be legally privileged or prohibited
from disclosure and unauthorised use. If you are not the intended
recipient, any form of reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication or any action taken or
omitted to be taken in reliance upon this message or its attachments is
prohibited.
All liability for viruses is excluded to the fullest extent permitted by
law.
***********************************************************************
_______________________________________________
Gpcg_talk mailing list
[email protected]
http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
