> > If the network architecture was done correctly and the underlying
> > operating system was hardened to only allow that particular application's
> > protocol to be the only service enabled then it would be very hard to
> > actually get in.. Marcus's assumption is that every firewall admin or
> > firewall admin wannabe misconfigures their firewall on a general basis.
>
> Your assumptions don't hold true for ActiveX-enabled Web browsers on
> Windows9x, lusers executing greeting cards, Excel/Word macro viruses,
> e-mail viruses... Marcus' statement holds true for that set of things as
> well as externally originated traffic.
(Sorry Paul, I like your posting a lot (and I am really more "on your side"), so no
offense, but) "mht" *might* have covered these cases by saying "if the network
architecture was done correctly ..". Probably far fetched, but this term *could*
include ActiveX & Java disabled on all hosts, and a "mail filter*" that would put
ANY attachment in /dev/null. Call me crazy, but: If security is absolutely vital to an
organisation their policy should be like this (and they should use alternative ways to
distribute files). (See my post to mht for what I think *Marcus* really meant)
* This gave me an idea (maybe it exists already, but): How about a mail filter that
would require all attachments to be (PGP?? (probably not, but maybe a custom thing
that would use a key with the same level of security of the PGP secret key)) encrypted
with a "public" key that was given only to those with a valid need to send attachments
to the organisation (thru a secure channel of'coz)? Any other attachments would go to
/dev/null. Sure a lot of hassle, but if that level of security is needed, this might be
a solution? Anyone?
> > So I would take his statement with a grain of salt and state that if a
> > security network architecture is set up securely and applications that
> > are possibly vulnerable are placed strategically, things will not get
> > broken into as fast as he claims..
>
> The point that the firewall's protection mechanism is based on what's
> blocked, not what's passed is still valid. Incoming traffic doesn't
> have to be externally initiated, it can be DNS, HTTP, SMTP...
Good points.
Any thoughts on which attacks/threats are possible in this situation (i.e. traffic
internally initiated)? I can think of threats like spoofing, and redirection (to sites
that claim to be what they are not). But are there any attacks that can be
accomplished this way? To compromise either the FW or hosts on the inside?
BTW: Hey, how come everyone else in this thread is @clark.net?? :)
Regards,
Per
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
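The attachment filter floated in the footnote above, as an added illustration that is not code from this thread or from any list member: it walks a MIME message and discards every attachment that is not an OpenPGP message whose leading packet names one of the organisation's designated inbound keys. Assumptions: Python's standard-library `email` module; the allowed key IDs, addresses and sample message are constructed. Only the packet header is parsed (RFC 4880 packet framing and the version-3 PKESK layout), which shows the sender addressed the right key but does not prove the data decrypts; PGP/MIME whole-message encryption (`multipart/encrypted`) is out of scope.

```python
"""Drop any attachment not encrypted to an approved inbound OpenPGP key.
Added illustration, not code from the list; keys and sample are constructed."""
import base64
import binascii
import email
from email import policy
from email.message import EmailMessage

# Hypothetical: 64-bit key IDs of the organisation's inbound-attachment keys,
# handed out only to senders with a legitimate need (constructed value).
ALLOWED_KEY_IDS = {"0123456789ABCDEF"}
ARMOR_HEADER = b"-----BEGIN PGP MESSAGE-----"


def dearmor(text: str):
    """Strip ASCII armour (RFC 4880 s6.2); return raw packet bytes or None."""
    lines = text.strip().splitlines()
    if not lines or not lines[0].startswith(ARMOR_HEADER.decode()):
        return None
    body, in_body = [], False
    for line in lines[1:]:
        if not in_body:                      # armour headers end at a blank line
            in_body = line.strip() == ""
            continue
        if line.startswith("=") or line.startswith("-----END"):
            break                            # CRC-24 line or end marker
        body.append(line.strip())
    try:
        return base64.b64decode("".join(body), validate=True)
    except (binascii.Error, ValueError):
        return None


def first_packet(data: bytes):
    """Parse the leading packet header (RFC 4880 s4.2); return (tag, body) or None."""
    if not data or not data[0] & 0x80:
        return None
    first = data[0]
    if first & 0x40:                         # new-format header, tag in low 6 bits
        tag = first & 0x3F
        b1 = data[1] if len(data) > 1 else None
        if b1 is None:
            return None
        if b1 < 192:
            off, length = 2, b1
        elif b1 < 224 and len(data) >= 3:
            off, length = 3, ((b1 - 192) << 8) + data[2] + 192
        elif b1 == 255 and len(data) >= 6:
            off, length = 6, int.from_bytes(data[2:6], "big")
        else:
            return None                      # partial lengths are not valid for a PKESK
    else:                                    # old-format header, tag in bits 2-5
        tag, ltype = (first >> 2) & 0x0F, first & 0x03
        if ltype == 3:
            return None                      # indeterminate length
        n = (1, 2, 4)[ltype]
        if len(data) < 1 + n:
            return None
        off, length = 1 + n, int.from_bytes(data[1:1 + n], "big")
    if len(data) < off + length:
        return None
    return tag, data[off:off + length]


def pkesk_key_id(data: bytes):
    """Key ID named by a leading version-3 Public-Key Encrypted Session Key
    packet (tag 1, RFC 4880 s5.1), or None. Nothing is decrypted here."""
    parsed = first_packet(data)
    if parsed is None:
        return None
    tag, body = parsed
    if tag != 1 or len(body) < 10 or body[0] != 3:
        return None
    return body[1:9].hex().upper()


def attachment_allowed(part) -> bool:
    payload = part.get_payload(decode=True) or b""
    if payload.lstrip().startswith(ARMOR_HEADER):
        payload = dearmor(payload.decode("ascii", "replace")) or b""
    return pkesk_key_id(payload) in ALLOWED_KEY_IDS


def prune(msg) -> None:
    """Recursively drop attachments that fail the policy (the thread's /dev/null)."""
    if not msg.is_multipart():
        return
    kept = []
    for part in msg.get_payload():
        if part.is_attachment() and not attachment_allowed(part):
            continue
        prune(part)
        kept.append(part)
    msg.set_payload(kept)


def surviving_attachments(raw: bytes):
    """Filter a raw RFC 5322 message; list the filenames of attachments kept."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    prune(msg)
    return [p.get_filename() for p in msg.iter_attachments()]


def build_sample() -> bytes:
    """Constructed message: two compliant attachments, two that must be dropped."""
    head = bytes([0x85, 0x00, 0x0D]) + b"\x03"          # old-format tag 1, v3 PKESK
    tail = b"\x01\x00\x08\x2a"                          # RSA, one toy MPI
    pkesk = head + bytes.fromhex("0123456789ABCDEF") + tail
    wrong = head + bytes.fromhex("FEDCBA9876543210") + tail
    armored = ("-----BEGIN PGP MESSAGE-----\n\n" + base64.b64encode(pkesk).decode()
               + "\n=AAAA\n-----END PGP MESSAGE-----\n")
    msg = EmailMessage()
    msg["From"], msg["To"] = "partner@example.org", "desk@example.com"
    msg.set_content("Report attached.")
    msg.add_attachment(pkesk, maintype="application", subtype="octet-stream", filename="report.gpg")
    msg.add_attachment(armored, subtype="plain", filename="report.asc")
    msg.add_attachment(wrong, maintype="application", subtype="octet-stream", filename="other.gpg")
    msg.add_attachment(b"MZ\x90\x00 greeting card", maintype="application",
                       subtype="octet-stream", filename="card.exe")
    return msg.as_bytes()


if __name__ == "__main__":
    print(surviving_attachments(build_sample()))      # ['report.gpg', 'report.asc']
```

Run as a script it builds the sample and prints the two attachments that pass: the binary and armoured files encrypted to the approved key ID survive, the file encrypted to some other key and the bare executable are removed. In a real deployment the kept attachments would still be handed to a full OpenPGP implementation for decryption and scanning; the header check only enforces the "encrypted to our key or nothing" policy at the gateway.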