Can it end now? \rant
-
@BBigford said in Can it end now? \rant:
@thwr said in Can it end now? \rant:
@BBigford said in Can it end now? \rant:
We disable it (for internal-only machines, domain only. Public and private are active) because there are many other layers of security in place. Having it on and risking compromise is outweighed by the added headaches of figuring out why the firewall is blocking something. Anything external facing has maximum security though (web servers/etc).
You know that one of the most dangerous attack vectors is the one from within your network? No more IDS/IPS or UTM to pass, it's the free wild. I would leave it on; better some protection than no protection. Adding a new rule for a webserver is a one-liner.
Valid point. I was told not to enable any of them. So maybe they are going based on trust.
Well, ... uhm, just make sure that no one points at you when things go south.
-
@BBigford said in Can it end now? \rant:
Valid point. I was told not to enable any of them. So maybe they are going based on trust.
By someone working in an IT department? If someone told me that, I'd ask a manager to look into whether they were socially engineering me. That sounds like someone testing you.