On Mon, 10 Jun 2002, Michel Py wrote: > > Pekka Savola wrote > > You take one approach and disregard all the others. > > I don't. I just say that in this scenario site-local address helps. What > is the hacker knows the backdoor because he installed it himself and > cannot compromise the web server? Your argument is irrelevant. > > > Security is about finding the weakest links and strengthening them. > > You just looked at only one of them here.. > > Security is about plugging holes. There are hundreds to plug. Saying > that plugging a hole is useless because some other holes might be open > is the best way to get hacked.
If hacking into the firewall to install a static NAT mapping is the easiest (or one of the easiest) way to break into a system, something is REALLY REALLY wrong IMO. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
