Re: IPSEC == end of firewalls
At 10:55 AM 1/23/96 -0500, Ben <adept@minerva.cis.yale.edu> wrote:
functionality of most firewalls would eventually be an add-on application option for Operating Systems and that eventually it will be a standard part of every Operating System. Until then, we have to punt & keep using firewalls.
I'm not so convinced that adding 'firewall functionality' to an OS is such a good idea. The idea behind having a firewall is that * You have a hardened host that has been stripped of anything that could be used by an attacker to compromise other systems * You have a single machine that serves as the sole port of entry into your domain. By keeping your defense perimeter nice and small it makes it manageable to maintain.
I agree with your statements above about firewalls and wholeheartedly agree that a firewall needs these characteristics (among others) to remain relatively secure. However, I am I'm not saying that adding firewalling capabilities would make the system invincible. I *am* saying that it would provide the system with more security than it currently has and would help to reduce (not eliminate) some risks associated with networking. Of course, it would be terrific if the vendors would produce Operating Systems which are secure AND usable. (I think the market will eventually demand this from vendors, but this probably won't happen in the next year or two.)
When you start trying to switch firewall functionality to an OS you lose both these advantages. You no longer have a system that is stripped of compilers, scripting languages, etc, and you now have a much larger security perimeter.
Agreed - to a point. The idea is to provide the systems with increased defensive capabilities - lowering potential risks. (See above paragraph) FWIW, I feel rather uncomfortable continuing this thread in the cypherpunks mailing list when the subject at hand deals more with firewalls than it does with cryptography. I would prefer to continue this discussion in the firewalls mailing list (of which I am a fairly regular participant). If you would like to subscribe to the firewalls mailing list, send a mail to: majordomo@GreatCircle.com (leaving the subject line blank) and in the body of the message put: subscribe firewalls "your_email_address" (omitting the quotes). See you there.
Ben. ____ Ben Samman..............................................samman@cs.yale.edu "If what Proust says is true, that happiness is the absence of fever, then I will never know happiness. For I am possessed by a fever for knowledge, experience, and creation." -Anais Nin PGP Encrypted Mail Welcomed Finger samman@suned.cs.yale.edu for key Want to hire a soon-to-be college grad? Mail me for resume
Best Regards, Frank Fortified Networks Inc. - Management & Information Security Consulting Phone: (317) 573-0800 - http://www.fortified.com/fortified/ For a free downloadable Internet Firewalls Checklist, please see our home page. <standard disclaimer> The opinions expressed above are of the author and may not necessarily be representative of Fortified Networks Inc.
This thread definitely belongs as cypherpunks, as the whole point of the discussion is to debate the limits of what cryptography on its own can achieve. What do you need as well as crypto before you can remove all firewalls? Simon (defun modexpt (x y n) "computes (x^y) mod n" (cond ((= y 0) 1) ((= y 1) (mod x n)) ((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n)) (t (mod (* x (modexpt x (1- y) n)) n))))
Because this has Cpunks relevance in the use of crypto, I'm going to keep it on this list...
remain relatively secure. However, I am I'm not saying that adding firewalling capabilities would make the system invincible. I *am* saying that it would provide the system with more security than it currently has and would help to reduce (not eliminate) some risks associated with networking.
But what does it mean to add 'firewalling capabilities' to an O/S? By definition, a firewall is supposed to stop the spread of 'fire' by being the sole mechanism for the interchange of packets. If you're referring to making a hardened OS that can protect itself through the use of well written code, memory protections, etc. then, yes by all means add it to your OS, but these shouldn't be luxuries in that they're thought of as 'firewalling' features. Rather these things should be compulsory in the development of OS's.
Of course, it would be terrific if the vendors would produce Operating Systems which are secure AND usable. (I think the market will eventually demand this from vendors, but this probably won't happen in the next year or two.)
Even if OS's could be secure(lets not get into Orange Book here) they would need constant updating. Most users have problems printing, let alone installing patches and tweaking afterwards to deal with conflicts. And you can't expect IS to micromanage the corporation's entire fleet of machines. This would be nice, and would be a good start, but like I said above, these things shouldn't be considered to be luxuries. Rather they should be compulsory. That doesn't mean that they will obsolete firewalls by any stretch of the imagination. Ben. (I'm starting to think Frank may have been right to move this to firewalls. I think I'll crosspost this message too) ____ Ben Samman..............................................samman@cs.yale.edu "If what Proust says is true, that happiness is the absence of fever, then I will never know happiness. For I am possessed by a fever for knowledge, experience, and creation." -Anais Nin PGP Encrypted Mail Welcomed Finger samman@suned.cs.yale.edu for key Want to hire a soon-to-be college grad? Mail me for resume
participants (3)
-
Ben -
Frank Willoughby -
Simon Spero