News for nerds, stuff that matters
Sections
About
Slashdot Log In
Masa (74401)
Masa
(email not shown publicly)
(email not shown publicly)
Boneheaded firewall rules
Monday March 14 2005, @05:15AM
I have to say that the IT department of my employer doesn't have a clue at all.
They forced a new installation of a Symantec Firewall package to my computer (thanks, AD!). This new installation disables automatically the built-in Windows firewall. Well, that's fine except there seems to be a teeny tiny problem with the Symantec rule set. It doesn't block anything at all from the outside!
Well, of course my machine was hit immediately when this happened. Now I have the Windows firewall re-enabled and I hope that the Symantec application doesn't disable it again.
The worst part of this story is that there seems to be no way to tell this situation to anyone so the rule sets could be fixed. At the moment I'm writing this, the IT department is happily installing this defected rule set to all of our computers. Nice to know, that there will be tens of thousands machines vulnerable in our own local network. It will take just one contaminated machine to bring down the entire company.
They forced a new installation of a Symantec Firewall package to my computer (thanks, AD!). This new installation disables automatically the built-in Windows firewall. Well, that's fine except there seems to be a teeny tiny problem with the Symantec rule set. It doesn't block anything at all from the outside!
Well, of course my machine was hit immediately when this happened. Now I have the Windows firewall re-enabled and I hope that the Symantec application doesn't disable it again.
The worst part of this story is that there seems to be no way to tell this situation to anyone so the rule sets could be fixed. At the moment I'm writing this, the IT department is happily installing this defected rule set to all of our computers. Nice to know, that there will be tens of thousands machines vulnerable in our own local network. It will take just one contaminated machine to bring down the entire company.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
brilliant (Score:2)
I recommend sending mail to firewalls at isc dot org FAQ and archives here [isc.org]. They have been remarkably low-volume over the past few years. I know one of the list maintainers.
P.S. important (Score:2)
Re:brilliant (Score:2)
To tell the truth, I'm a bit shy to report this kind of things anywhere else than my own journal. Besides, I'm suspecting that this is an internal problem of our company and not directly related to the official configuration of the Symantec software firewall. So, at least part of this problem isn't very interesting for general public.
However, I've done some further studies with the firewall and I've noticed one curious thing about it, which I think might actua