Tuesday, April 16, 2013

SPC 2013 - Firewall

One of the tools in the infosec arsenal is the firewall.  Like any other tool, they can be used well and they can be used poorly.  When they are implemented incorrectly, they are an impediment for the good guys.  When they are implemented correctly, they act as a trusted sentinel for the good guys.

Here, I sing a song of praise for the well-designed and utilized firewall.


Each packet tells a story,
A single thread in the vast woven tapestry
Of ports and protocols and payloads.

Each handshake, each broadcast, each multicast shout
Race by my eyes and ears.

I stand alone as judge and executioner,
Making no decision without guidance from my Maker,
But once I'm told right from wrong,
You cannot pass if I deny,
You only pass if I allow.

I've gotten smarter after years of tricks and feints,
Endless shadowboxing, jabbing probes and roundhouse floods,
But I don't tire any more quickly
Than the caffeine-fueled demons that drive the engines
Of DoS and phish and drive-by blasts.

I stand and watch them fall.
I guard and shepherd the bits of this world
That hope only to speak freely with their partners
On the other side of the wall.

