DISQUS

Er....are you serious?
So you mean you can't create an inbound port forwarding rule? (which on most devices implies that the outbound source ports will be preserved)
Also are you sure the device doesn't have any SIP Application Layer Gateway functionality enabled?

Apologies in advance for the lack of structure in what I'm about to write.

One thing that came to mind when reading your article which I thought was more important was the effect of being in 'the Cloud' with regard to security monitoring.

Do the consequences of having a dramatic reduction in visibility with regard to security monitoring outweigh the benefit of increased security that may come with a shift to 'the Cloud' ?

I would say yes. (Although I have not pondered the question for long enough)

Discuss.

Yes, I think so

This page is not valid XHTML 1.0 Strict! :)

This page is not valid XHTML 1.0 Strict! :)

Yeah, that was a good post on Richard's blog - it's a concept that everyone wants, but the implementation may get slightly tricky.

Just on Richard Bejtlich's stuff - I feel the need to point out that perhaps you're overlooking the power of session data. In fact that's one of the big things I learnt after reading one of his books. I used to think of network capture mainly in terms of full-content capture; now I think that session data alone, is highly underrated.

Yeah, that was a good post on Richard's blog - it's a concept that everyone wants, but the implementation may get slightly tricky.

Just on Richard Bejtlich's stuff - I feel the need to point out that perhaps you're overlooking the power of session data. In fact that's one of the big things I learnt after reading one of his books. I used to think of network capture mainly in terms of full-content capture; now I think that session data alone, is highly underrated.

As long as it isn't Windows Home Server....
http://www.dailytech.com/Windows+Home+Server+St...>

As long as it isn't Windows Home Server....
http://www.dailytech.com/Windows+Home+Server+St...>

Yuck!
I'm not sure if you can call the stuff Starbucks sells 'coffee'...

Yuck!
I'm not sure if you can call the stuff Starbucks sells 'coffee'...

Also fyi:

http://taosecurity.blogspot.com/2007/12/expert-commentary-on-span-and-rspan.html

Also fyi:

http://taosecurity.blogspot.com/2007/12/expert-commentary-on-span-and-rspan.html

I happen to share many of the same sentiments as exabyte, but if I had written them I perhaps would have done so in a more er...tactful way.

I happen to share many of the same sentiments as exabyte, but if I had written them I perhaps would have done so in a more er...tactful way.

I agree.

(I would be hesitant in saying GSEC is a "good" technical certification, but I don't think this is relevant to the discussion -- and I may simply have a wrong perception of it.)

I agree.

(I would be hesitant in saying GSEC is a "good" technical certification, but I don't think this is relevant to the discussion -- and I may simply have a wrong perception of it.)

Shhhhhh, some managers are going to get offended.

Shhhhhh, some managers are going to get offended.

Just for your information:

Sabayon Linux is not simply just an overlay based on the Gentoo tree, with binaries. There are major differences, a lot of which pose unique problems to Sabayon users.

Just for your information:

Sabayon Linux is not simply just an overlay based on the Gentoo tree, with binaries. There are major differences, a lot of which pose unique problems to Sabayon users.

Your camera skills / camera settings are shocking.
There, I said it. (Feel free to send abuse/death threats to the appropriate address)

Your camera skills / camera settings are shocking.
There, I said it. (Feel free to send abuse/death threats to the appropriate address)

Correction: *note the improvements

Correction: *note the improvements