[framework] Spam: How safe is a hardware firewall?
Kim Guldberg
kim at bufferzone.dk
Mon Nov 5 11:58:14 CST 2007
Hi Robin
A hardware firewall is just as safe or unsafe as any other firewall;
it's all in the configuration and setup. Just one hole or
misconfiguration and you are screwed. FortiGate is a well-known brand
and has an ok reputation.
Your servers are not necessarily ok. You write that you have opened the
important ports, which is plenty enough for a hacker if the systems
behind the firewall are unpatched or have exploitable vulnerabilities.
You write nothing about how you filter outbound traffic. This is very
important since the hacker has to be able to connect back out through
your firewall. It is ok to leave the firewall open from outside in, if
the hacker cannot come back out. Of course it is safer to block
both incoming and outbound as efficiently as possible.
If you just look at your firewall, you will never get a secure system.
You need to look at all the levels and all the units from a security
point of view.
Best regards
Kim Guldberg
Robin Kipp wrote:
> Hi guys,
> I hope this topic isn't too much off-topic since it isn't Metasploit
> related... I just put a FortiGate hardware firewall between my server
> and the internet. I left all the important ports (HTTP, SMTP, POP3
> etc) open, but the traffic is always being checked by the firewall.
> The firewall has thousands of attack definitions, virus signatures
> etc... Do you think I can say that my server is safe behind the
> firewall or are there always ways to hack the firewall and bypass it?
> Robin
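
The outbound-filtering point in the reply above can be checked mechanically. The following is an added example, not part of the original thread and not FortiGate configuration: a first-match rule evaluator over two constructed policies that share the same inbound ports (HTTP, SMTP, POP3) and differ only in egress. The `Rule` model, the addresses (documentation ranges) and the assumption that rules describe new connections only, with replies handled by state tracking, are all illustrative.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    direction: str        # "in" or "out", as seen from the protected server
    action: str           # "allow" or "deny"
    peer: str             # remote network, CIDR notation
    port: Optional[int]   # destination port; None matches any port

def decide(rules, direction, peer_ip, port, default="deny"):
    """First matching rule wins; otherwise the default policy applies."""
    for r in rules:
        if (r.direction == direction
                and ip_address(peer_ip) in ip_network(r.peer)
                and r.port in (None, port)):
            return r.action
    return default

def egress_findings(rules, default="deny"):
    """List what lets the server open new connections to any host."""
    findings = [f"allow out to {r.peer} port {r.port or 'any'}"
                for r in rules
                if r.direction == "out" and r.action == "allow"
                and ip_network(r.peer).prefixlen == 0]
    if default == "allow":
        findings.append("default policy is allow")
    return findings

# Constructed policies. Inbound: the ports named in the thread.
INBOUND = [Rule("in", "allow", "0.0.0.0/0", p) for p in (80, 25, 110)]
# Weak: the server may start a connection to anything.
WEAK = INBOUND + [Rule("out", "allow", "0.0.0.0/0", None)]
# Tight: only a resolver and a mail relay (documentation addresses).
TIGHT = INBOUND + [Rule("out", "allow", "192.0.2.53/32", 53),
                   Rule("out", "allow", "192.0.2.25/32", 25)]

if __name__ == "__main__":
    probe = ("203.0.113.7", 8443)  # constructed outside host the server never needs
    for name, policy in (("weak", WEAK), ("tight", TIGHT)):
        print(name, "inbound HTTP:", decide(policy, "in", "198.51.100.9", 80))
        print(name, "server-initiated to probe:", decide(policy, "out", *probe))
        print(name, "findings:", egress_findings(policy))
```

Both policies serve the same inbound traffic; only the tight one denies a server-initiated connection to a host it has no reason to reach.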