OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: RE: [firewalls] Digest Number 388
From: Michael.Owennet-tel.co.uk
Date: Wed Dec 13 2000 - 09:59:00 CST

> Likewise, it doesn't take a rocket scientist to realize that the name
> of the
> file can be changed. So having to have these fundamental flaws in
> architecture
> pointed out to them before they begin to concern themselves with
> addressing them
> severely damages their credibility at a very fundamental level for me.

This strikes me as an overreaction - what exactly should they be doing? Unless they perform a checksum on every application every time it connects to the 'Net, this sort of a problem will likely exist. I would say that checking port numbers and executable names is pretty good - a standard packet filter makes its decisions based strictly on ports.

Tools like personal firewalls are not a cureall. While I think the current hype is largely that - hype, it's good that people are being told that a personal firewall isn't an excuse to ignore all other aspects of security. A personal firewall, an up-to-date virus scanner, and the sense to only execute things you trust will serve you quite well.

In a corporate environment, users who don't understand this need to be educated, and users who deliberately ignore these rules should have their 'Net access curtailed.

Mike 

----
Michael Owen
IT Security Engineer
NET-TEL Computer Systems Ltd
Michael.Owennet-tel.co.uk
-
[To unsubscribe, send mail to majordomolists.gnac.net with
"unsubscribe firewalls" in the body of the message.]