WSM Reference Guide - WatchGuard Technologies
WSM Reference Guide - WatchGuard Technologies
WSM Reference Guide - WatchGuard Technologies
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Mailing Lists<br />
Mailing Lists<br />
wg-users@watchguard.com<br />
<strong>WatchGuard</strong> sponsors a listserv for our customers. For more information, see the Technical<br />
Support chapter in the User <strong>Guide</strong>.<br />
firewall-wizards@nfr.net<br />
Firewall gurus from around the world discuss and answer all types of questions.<br />
Full Disclosure<br />
When Symantec bought Security Focus and its lists, suspicious security expersts and network<br />
administrators fled. Where did they go? Largely to FullDisclosure. Pros: Cannot be biased by any<br />
vendor because it's completely unmoderated. First choice for posting latest discoveries by<br />
some big-name researchers. Black-hat hackers like to harass this list, inadvertently providing<br />
useful perspective on the "script kiddie" mindset. Con: Because it's unmoderated, this highvolume<br />
list will drown you in 20 irrelevant flame-war e-mails for every on-topic comment. Net:<br />
You get what you pay for, and this list is free. Try it briefly to familiarize yourself with it, but use<br />
Outlook rules to divert Full Disclosure e-mails to a folder you can read at leisure.<br />
VulnWatch and VulnDiscuss<br />
These lists are, respectively, moderated and unmoderated. Pro: You can not only get security<br />
advisories from vendors, you can also see what the rest of the IT community thinks and feels<br />
about them. Con: Fairly large volume of highly technical alerts difficult for newcomers to<br />
understand. Net: While you wouldn't want this as your only source of security news, it provides<br />
a solid source for confirmation and alternate opinions on security trends.<br />
Secunia<br />
Pro: This list notifies on every vulnerability under the sun. Con: Secunia mostly reproduces<br />
vendor releases, without analysis or suggested remediation for IT beginners. And did I mention<br />
they report on everything under the sun? If you don't know Linux/Unix, you won't understand a<br />
lot of the bulletins. Net: High volume, but all on topic (unlike FullDisclosure). Try it to see if it's<br />
for you.<br />
General IT and Security Web Sites<br />
First, a note to any intrepid beginner who is reading this: not all of these sites are sponsored by good<br />
guys. Some of them post malicious code that hackers use. Do not download or execute anything you do<br />
not fully understand.<br />
<strong>WatchGuard</strong> Frequently Asked Questions<br />
www.watchguard.com (Click Support, Log into LiveSecurityService, click Knowledge Base, click<br />
FAQs)<br />
www.cerias.purdue.edu/<br />
The Center for Education and Research in Information Assurance and Security (CERIAS) is<br />
currently viewed as one of the world’s largest centers for research and education in areas of<br />
information security that are crucial to the protection of critical computing and communication<br />
infrastructure. CERIAS is unique among such national centers in its multidisciplinary approach<br />
to the problems, ranging from purely technical issues (e.g., intrusion detection, network<br />
security, etc.) to ethical, legal, educational, communicational, linguistic, and economic issues,<br />
and the subtle interactions and dependencies among them.<br />
<strong>Reference</strong> <strong>Guide</strong> 83