Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: John Navas <spamfilter0@xxxxxxxxxxxxxx>
- Date: Mon, 14 Aug 2006 05:07:18 GMT
On 14 Aug 2006 04:26:09 GMT, phil-news-nospam@xxxxxxxx wrote in
<ebou1102hmh@xxxxxxxxxxxxxxxxx>:
On Sat, 12 Aug 2006 00:16:54 GMT John Navas <spamfilter0@xxxxxxxxxxxxxx> wrote:
| On 11 Aug 2006 17:23:05 GMT, phil-news-nospam@xxxxxxxx wrote in
| <ebiedp1200j@xxxxxxxxxxxxxxxxx>:
|
|>On Wed, 09 Aug 2006 14:31:39 GMT John Navas <spamfilter0@xxxxxxxxxxxxxx> wrote:
|>| On Wed, 09 Aug 2006 02:42:28 GMT, John Navas
|>| <spamfilter0@xxxxxxxxxxxxxx> wrote in
|>| <raiid2huhon8m5fee0o3cfun6qk7vds2dp@xxxxxxx>:
|>|
|>|>On 8 Aug 2006 21:41:27 GMT, phil-news-nospam@xxxxxxxx wrote in
|>|><ebb0e7067d@xxxxxxxxxxxxxxxxx>:
|>|
|>|>>So how would you connect a doctor's office to the internet to be in full
|>|>>compliance with HIPAA?
|>|>
|>|>Isolated network zone, enforced by router and firewall rules.
|>|
|>| More Complete Answer: My preferred solution is to put the server behind
|>| a dedicated firewall and VPN endpoint that only allows connections over
|>| authenticated VPN and blocks all outbound connections. The hardware is
|>| secured in a locked cabinet which only the administrator can open. Even
|>| if the LAN/WLAN were to be breached, the server would remain fully
|>| secure behind the firewall, which logs activity and access attempts that
|>| are regularly reviewed as part of the ongoing security process. When an
|>| intrusion attempt is detected, the administrator is automatically paged.
|>| All of this can easily be done on a modest budget -- all it really takes
|>| is skill, business and technical.
|>
|>How does VPN help an office connect to the internet?
|
| Isolates the server.
And how does isolating the server have anything to do with VPN?
VPN is the means of access to the isolated server.
Do you really not understand that, or are you just being argumentative?
|>BTW, I used to do intrusion attempts by pager. No longer. The noise level
|>is way too high. Intrusion attempts are at such a high level these days
|>that if you were to respond to each one, you would get very little else
|>done.
|
| My filter and threshold results in relatively few alerts.
If you block the common points of hacker attacks and don't enable them
for alerts, that would work. What is your threshhold? 10,000?
Way more sophisticated than that.
|>What you do is block the access in a sufficiently confident way that
|>you don't have to concern yourself with attempts.
|
| That kind of confidence is almost always misplaced in my experience.
You have to make some sort of tradeoff. You can't be having your pager
go off every couple minutes every time someone probes some port.
Mine doesn't.
|>So unless you have access
|>to the means to track down and prosecute those who attempt to intrude (e.g.
|>you run the FBI network, for example), don't waste your time.
|
| I don't waste my time. I do protect my clients.
But I wonder if you are getting paged for every intrusion attempt, or if
you are just ignoring the bulk of them. With so many going on (rarely
do I ever see an hour long period without an attempt), it has to be one
or the other. Or are you now using knock-knock access schemes?
Again, way more sophisticated than that. It's why I get paid the (not
so) big bucks. :)
--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>
.
- Follow-Ups:
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: phil-news-nospam
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- References:
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: phil-news-nospam
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: John Navas
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: phil-news-nospam
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: John Navas
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: phil-news-nospam
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: John Navas
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: phil-news-nospam
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: John Navas
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: John Navas
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: phil-news-nospam
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: John Navas
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- From: phil-news-nospam
- Re: The OTHER problem with Netgear WGT624 (and probably others)
- Prev by Date: Re: The OTHER problem with Netgear WGT624 (and probably others)
- Next by Date: Re: The OTHER problem with Netgear WGT624 (and probably others)
- Previous by thread: Re: The OTHER problem with Netgear WGT624 (and probably others)
- Next by thread: Re: The OTHER problem with Netgear WGT624 (and probably others)
- Index(es):
Relevant Pages
|
