One of my friend sent me a good article on "Who Invented the Firewall ?"
For me, I consider that M.J. Ranum is the father of firewalling as we know it today.
I have worked for 7 years on *-gw proxies, then on *-pdk (for those who know). I rewrote smap/smapd, improved http-pdk and so on.
Until now, I am still working on a firewall software editor, and MJ Ranum concepts are still up to date. I do not say that other were not doing security, but who could say "packet filtering module is a firewall module" ?
Using authentication daemon of TIS you can add a usefull value to security: "who is doing what ?"
Today, firewalling, as I can see, is not as good as it could be.
The ultimate firewall solution should be a description not of host using ports, but users using services.
It is easier to tell: "allow Alice to contact Bob over XMPP" than "allow from 10.0.0.1 to bob.domain.tld port 5222 keep-state"
NuFW/EdenWall seems great for this. It is not a finished project yet, compared with some great closed products, but the right idea is here.
During my web review, I have seen the following announce: SignServer project 4.0 is released. http://www.signserver.org/. It looks very interesting. And it shows me that apache project as its own mail server ?! James ... googlize it !
(Last week was very rich !!)
This is a interesting post about FreeBSD 4->5->6->7 releases, and why some of Linux gurus are telling "FreeBSD sucks". Well, I do not want to say that "FreeBSD is better than Linux" or "Linux is a *BSD killer" (but it is not :-). Take a look at Truth on FreeBSD 5.x releases". I am very proud of FreeBSD developers, because I love FreeBSD, much more than the hundreds of Linux distros. And Explanations given here are the real world on project management. I encountered almost every day at my own job !
Some fun: http://icanhascheezburger.com/
VoIP security news:
Sipera 5 threats in 2008: VoIP Security Threat Predictions
Let's see....
Inscription à :
Publier les commentaires (Atom)
Aucun commentaire:
Enregistrer un commentaire