[fw-wiz] Ok, so now we have a firewall, we're safe, right?

From: Paul D. Robertson (paul_at_compuwar.net)
Date: 05/30/05

  • Next message: Chris Blask: "Re: [fw-wiz] Ok, so now we have a firewall, we're safe, right?" 
    To: firewall-wizards@honor.icsalabs.com
Date: Mon, 30 May 2005 12:18:05 -0400 (EDT)

    http://www.theinquirer.net/?article=23575

    (should lead to the next URL w/o registration in the more link at the
    bottom:)
    http://www.smh.com.au/news/Breaking/18-in-Israel-accused-of-hightech-spying/2005/05/30/1117305525972.html?oneclick=true

    If ever there were a wakeup call for people to start analyzing their
    firewall logs, this is it- nobody at any of the companies involved figured
    this out due to firewall logs, an author figured it out because their
    unpublished book was leaking.

    http://www.israelnewsagency.com/israelinternetspydefensearrests5540530.html

    Seems to also intimate the Trojan being injected via autorun CDs. Anyone
    require users to provide copies of CDs received in the mail to their
    security department for later evidence gathering?

    AV isn't going to be effective against most custom Trojan Horses. We're
    going to see more of this in the future- "Hey, I'm a Volvo dealer- I don't
    have anything important on-line" or "We're a hardware store, we couldn't
    possibly be a target!" Guess what? It doesn't take much to get those
    cross-hairs pointed at you, no matter what line of business you're in.

    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson "My statements in this message are personal opinions
    paul@compuwar.net which may have no basis whatsoever in fact."
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Chris Blask: "Re: [fw-wiz] Ok, so now we have a firewall, we're safe, right?"