[Dshield] Secure computing (was: Port 135)

John Hardin johnh at aproposretail.com
Wed Oct 30 20:49:26 GMT 2002


On Tue, 2002-10-29 at 11:36, Lauro, John wrote:
> It is more analogous to a hotel and apartment building.  The lobby and
> halls may be wide open, but you still have individual locks on every
> room, and visitors can knock on individual rooms.  However, if you
> want the firewall approach, then the visitor must buzz the room, and
> the person in room must buzz the main entrance door open to even get
> in the building.

That's actually a pretty good analogy.

The man at the front door (the outer firewall) keeps the obvious crazies
out.

The lobby (the DMZ) hosts the publicly-accessible services (restaurant,
bar, conference rooms, etc.)

The cardkey-locked door in the back (the inner firewall) lets
tenants/guests get to the rooms and pool.

Now you just have to worry about people climbing in the windows... :)

-- 
John Hardin  KA7OHZ                           <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
 ...people confuse "security" and "Trustworthy Computing."
                                 - Craig Mundie, MS Senior VP and CTO
-----------------------------------------------------------------------
 49 days until The Two Towers




More information about the list mailing list