[unisog] High speed firewalls - Connections per second not bits per second

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Feb 21 18:18:31 GMT 2005


On Mon, 21 Feb 2005 10:40:28 CST, "Mayne, Jim" said:
> Currently TCU is using a Checkpoint FW1 NG AI firewall running on a
> Nokia platform in front of our RESNET network. We have begun to see more
....
> can think of). 1k cps is not much when you have even a few infected
> machines.

The cynic in me says that a productive use of your money is to just *leave*
that box there, *let* it melt down - and when students complain, tell them it's
the fault of the few machines infected with W32-Worm-DuJour. Hopefully, it
won't be long before all the students recognize the value in not dumping sewage
in the public water supply... ;)

But seriously - the lack of that sort of noticable feedback is a large part of
why we have such widespread security issues.  When the average user doesn't
have any sense of "my computer's security matters to others", there's a lot less
incentive to do things right.  If you *know* that screwing up will gain you
a lot of negative peer pressure, you're a lot more likely to at least try to
get things right....

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20050221/e0a6c567/attachment.bin


More information about the unisog mailing list