[fw-wiz] Worms, Air Gaps and Responsibility

From: Paul D. Robertson (paul_at_compuwar.net)
Date: 05/05/04

    To: firewall-wizards@honor.icsalabs.com
    Date: Wed, 5 May 2004 08:24:40 -0400 (EDT)
    
    

    Hospitals, banks, the U.K. Coast Guard... The damage from the latest
    Microsoft-based worm isn't as widespread as that from the last one, but
    it's pretty darned bad in point cases.

    Why do people continue to connect critical production networks to
    user/administrative networks?

    Surely networking equipment is cheap enough that a real honest air gap
    (not some marketingspeak switch thingie) isn't all that difficult to
    deploy?

    Air gaps make great firewalls. They rarely need upgrading, they're
    low-power and low-heat, and they're less filling and taste great.

    Worst-case, a few low-end firewalls to segment the users off from the
    production stuff should be a no-brainer these days.

    All the money, effort and time people are spending on IDS, IPS, and all
    the other buzzword-compliant devices, and yet we still don't have good
    solid separation and segmentation in places where one would expect that
    the responsibility for running a critical network would require some level
    of protection to be displayed.

    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson         "My statements in this message are personal opinions
    paul@compuwar.net          which may have no basis whatsoever in fact."
    probertson@trusecure.com  Director of Risk Assessment TruSecure Corporation
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

