Re: ics and firewall

From: NeoSadist (neos@dist)
Date: 02/11/03

From: "NeoSadist" <neos@dist>
Date: Tue, 11 Feb 2003 13:21:48 -0700

"B. Switzer" <> wrote in message
> "Mike" <> wrote in message
> > >> How can a SPI firewall device with no external open ports be hacked?
> >
> > >Here's two:
> > >1. Software Bugs
> > >2. Trojan Horses / Virii.
> >
> > 1. Do you know of any past/recent bugs that caused an SPI firewall
> > device to be compromised? I'd like to know more about it.
> > 2. What if different systems and methods are in place that block/nuke
> > these things at multiple points locally (and remotely)?
> >
> > Mike
> I don't have stats. or references for you, I haven't been looking or
> tracking. But, any time there's a bios / firmware / software or other
> update, it's usually not just for bug fixing but for security bug fixing
> well.

Yes, obviously it can't just be for one thing, and there are new threats
every day, etc yada yada yada....

> 2. goes back to what many have said here, security is more than just
> firewall. If we just consider security, then I think saying that something
> like ZoneAlarm to block outgoing as well is necessary, isn't unreasonable.
> The trick is to make the redundancies contributory, not redundant. i.e. A
> second firewall just checks things twice pointlessly, but only permitting
> certain things out is not something that a hardware firewall checks.


> Not everyone is computer savvy, that's why such products exist. Nor should
> they have to be. Inevitably someone will inadvertently get something that
> phones home. Call it Trojan, spyware, or adware, or whatever, even
> reasonable people will do it inadvertently. Thus the need for firewall,
> security, virus software, and everything else.
> It's a nasty world out there, something I don't think is going to change
> time soon.