Re: [fw-wiz] Worms, Air Gaps and Responsibility
From: ArkanoiD (ark_at_eltex.net)
To: Dana Nowell <DanaNowell@cornerstonesoftware.com>
Date: Fri, 14 May 2004 14:26:42 +0400
The more sophisticated the data analysis performed by a device, the more possibilities
to exploit it via _transit_ data, not initiating connections to the router.
On Thu, May 13, 2004 at 02:38:56PM -0400, Dana Nowell wrote:
> On Wed, 12 May 2004 13:51:55 -0400 (EDT) Paul D. Robertson opined:
> >On Wed, 12 May 2004, Claussen, Ken wrote:
> >> Paul,
> >> Even Cisco is not immune to the exploits.
> >My point was that given the platform's ubiquity, we hadn't seen a worm-
> >that doesn't mean it's not possible to do one, it means that it's not a
> >given that ubiquity equates to common and automatic malcode exploitation.
> >In fact, the point that we've had Cisco exploits in the past simply
> >underlines the fact that ubiquity isn't the only driver for mass malcode
> Come on Paul, that's a skewed comparison. I don't know about you but I do
> not let any traffic arriving at the external router adapter 'talk to' the
> router. Sure it passes through but if 'you' go ahead and try telnetting to
> my external address, the ACL says NO! and logs the attempt (and I
> frequently contact 'your' ISP).