Re: [fw-wiz] Ok, so now we have a firewall, we're safe, right?
From: Carson Gaspar (carson_at_taltos.org)
To: firstname.lastname@example.org Date: Thu, 02 Jun 2005 04:26:57 -0400
--On Tuesday, May 31, 2005 6:42 PM -0400 Chris Blask <email@example.com>
> The data and operational ability is there to give visibility into network
> activity - it's just a Very Large Numbers problem (but so are Large
> Primes, and we just keep building bigger gear to handle it). Products
> exist to do this today, just not many people are using them yet.
> That sort of capability doesn't solve all the world's problems, but it
> makes a lot of things clearer.
No argument here - I'm all for obsessive log retention and analysis. I just
wanted to raise the issue of email attachment attack vectors being stupidly
easy to prevent in the general case. There are some nasty corner cases
(having to do with MIME ambiguity and encoding bogosity), but they're
-- Carson _______________________________________________ firewall-wizards mailing list firstname.lastname@example.org http://honor.icsalabs.com/mailman/listinfo/firewall-wizards