Swapping out Firewalls

Andrew Mitry — Thu, 20 Sep 2007 13:49:57 +0000

On three separate occasions we tried to swap out our firewall for a newer model but we kept having problems with inbound traffic on public IP addresses other than the one assigned to the WAN interface of the firewall.Â Turns out that the switch on the ISP side wasn’t seeing the interface go down so the ARP cache was not clearing (I think this had something to do with the way our SONET Fiber ring is configured).Â Once we got our ISP to clear the cache, inbound traffic routed correctly.Â Cox, our ISP says the default timeout on their switch for the cache is 10 minutes.

Recommended Reading on Security

Andrew Mitry — Sun, 17 Jun 2007 22:14:53 +0000

Over the past few weeks I have been reading two books by celebrated former hacker, Kevin D. Mitnick. They have really opened my eyes to how vulnerable we are. Yes, I know that some of you think that I am already overzealous about security, but when you realize how easy it is to bypass security, whether using social techniques or technology hacks, it is scary. If you work with technology or lead an organization, I highly recommend reading Kevin’s books.

The Art of Deception: Controlling the Human Element of Security
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers

Also, last week Tim Fehlman on Daily Cup of Tech, focused on security, his Security Week Windup is a great resource.

A couple more links on security:
Dark Reading: What to Do When Your Security’s Breached
InfoWorld: The 14 best ways to protect your computers

Speaking of security, while walking into the lobby of a local Caribbean restaurant, Mango Mike’s, I came across an interestingly placed server cabinet…

anchorite.org » Security

Swapping out Firewalls

Recommended Reading on Security