Re: [fw-wiz] i-cap proposals

• Previous message: Anthony de Boer: "Re: [fw-wiz] Application-level Attacks"
• In reply to: ArkanoiD: "Re: [fw-wiz] i-cap proposals"
• Next in thread: ArkanoiD: "Re: [fw-wiz] i-cap proposals"
• Reply: ArkanoiD: "Re: [fw-wiz] i-cap proposals"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: ArkanoiD <ark@eltex.net>
Date: Tue, 22 Feb 2005 08:31:01 -0500 (EST)

On Sat, 19 Feb 2005, ArkanoiD wrote:

> Because people need access to their personal mailboxes out in the internet
> from the workplace, and environtments fascist enough to prohibit them

There's a difference between "need" and "want." People also want to take
things from the workplace that don't belong to them, but we don't allow
that behavior.

> from doing it are not that common at all. So there should be a way to
> minimize risks without being BOFH.
>

No- security is based on blocking. The less you allow, the less risk you
assume. It's that simple. Every extra thing you allow increases your
risk in an unquantifyable manner. When it's vectors like E-mail where
there's a high attack rate, then you're increasing risk significantly,
because we don't have good protections for Windows desktops for new
malware.

My take's always been that if you want to do personal e-mail, do it on
your time, on your machine. If you can negotiate otherwise, fine, but the
generic drooling desktop user doesn't get to play at work.

My other take is that it works from most places simply because "Anything
out, state or ACK back" is the sum total of most site's firewall rulesets.

I've never been anywhere that had a real security policy where mail reader
protocols were allowed to external systems.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@compuwar.net which may have no basis whatsoever in fact."
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Anthony de Boer: "Re: [fw-wiz] Application-level Attacks"
• In reply to: ArkanoiD: "Re: [fw-wiz] i-cap proposals"
• Next in thread: ArkanoiD: "Re: [fw-wiz] i-cap proposals"
• Reply: ArkanoiD: "Re: [fw-wiz] i-cap proposals"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages One for TOG - Health & Safety ... It appears that the HSE have identified a risk associated with too many ... H&S signs in the workplace - which dilutes the effect of the really ... (uk.rec.motorcycles) Re: The smoking ban in France... ... hand smoke IS currently regulated in the workplace. ... hand smoke IS currently regulated in the workplace." ... risk to ones health as second hand smoke IS currently regulated in the ... In that sense many toxins "equivalent [in[risk to ones ... (rec.music.gdead) Re: The smoking ban in France... ... hand smoke IS currently regulated in the workplace. ... "Pretty much everything of equivalent risk to ones health as second ... hand smoke IS currently regulated in the workplace." ... risk to ones health as second hand smoke IS currently regulated in the ... (rec.music.gdead) Trust and Risk in the Workplace ... Dr. Monica Whitty (Queens University of Northern Ireland) is doing a ... study on "Trust and Risk in the Workplace." ... it's kind that will analyze workplace use of computers. ... (comp.security.misc) Trust and Risk in the Workplace ... Dr. Monica Whitty (Queens University of Northern Ireland) is doing a ... study on "Trust and Risk in the Workplace." ... it's kind that will analyze workplace use of computers. ... (alt.true-crime)