Originally posted by: spidey07
Once again, a list of companies I have personally designed and implemented a desktop firewall on every PC:
American Standard
UPS
Netgain
My current employer
My ego is not bruised at all. You just aren't listening.
How is a roaming laptop that attaches to networks outside of your administrative control protected by good administration? This is really the worst case, with the second worst being internal hacking/survalence.
As I understand your position you are saying that it is alright if I attach to your network, scan all your hosts and then run known exploits on them. Or simply get a topogy map of your networks and all hosts attached?
I'm sorry. I can't leave this alone.
My first point, spidey07, is if this is your only point of every desktop having a software firewall then you're adding quite a bit of overhead to accomplish very little. If this were a very common thing in your network then I would be talking to the president of the company, because some people need to go.
My second point, administration and good physical management makes this quite difficult. Plus, if you have good sniffers in and around critical locations you should be warned of such events and catch them in the act, which in some ways is better than denying them because the problem is eliminated (and in some cases hauled off to jail). However, read my first point again.