Re: ics and firewall

From: NeoSadist (neos@dist)
Date: 02/11/03


From: "NeoSadist" <neos@dist>
Date: Tue, 11 Feb 2003 13:21:48 -0700


"B. Switzer" <bswitzer@myprivacy.ca> wrote in message
news:md82a.1276$0p6.151910444@mantis.golden.net...
>
> "Mike" <spamlessmike@spamcop.net> wrote in message
> news:ttvg4vka1q2pcmrctihtn32evng8jevhor@4ax.com...
> > >> How can a SPI firewall device with no external open ports be hacked?
> >
> > >Here's two:
> > >1. Software Bugs
> > >2. Trojan Horses / Virii.
> >
> > 1. Do you know of any past/recent bugs that caused an SPI firewall
> > device to be compromised? I'd like to know more about it.
> > 2. What if different systems and methods are in place that block/nuke
> > these things at multiple points locally (and remotely)?
> >
> > Mike
>
> I don't have stats. or references for you, I haven't been looking or
> tracking. But, any time there's a bios / firmware / software or other
> update, it's usually not just for bug fixing but for security bug fixing
as
> well.

Yes, obviously it can't just be for one thing, and there are new threats
every day, etc yada yada yada....

>
> 2. goes back to what many have said here, security is more than just
> firewall. If we just consider security, then I think saying that something
> like ZoneAlarm to block outgoing as well is necessary, isn't unreasonable.
> The trick is to make the redundancies contributory, not redundant. i.e. A
> second firewall just checks things twice pointlessly, but only permitting
> certain things out is not something that a hardware firewall checks.

Exactly.

>
> Not everyone is computer savvy, that's why such products exist. Nor should
> they have to be. Inevitably someone will inadvertently get something that
> phones home. Call it Trojan, spyware, or adware, or whatever, even
> reasonable people will do it inadvertently. Thus the need for firewall,
> security, virus software, and everything else.
>
> It's a nasty world out there, something I don't think is going to change
any
> time soon.
>
>



Relevant Pages

  • Re: RISC OS Updater? (Was: Re: Tinct for FF beta2)
    ... >> couple of major bugs (one of which caused Windows Explorer to crash ... With XP the main update is SP2, ... SP2 supports many more device drivers, has the security centre, yadda, ... the new MS firewall was of no benefit whatsoever. ...
    (comp.sys.acorn.apps)
  • Re: ics and firewall
    ... >>> How can a SPI firewall device with no external open ports be hacked? ... Software Bugs ... Trojan Horses / Virii. ... it's usually not just for bug fixing but for security bug fixing as ...
    (comp.security.firewalls)
  • Re: Slow FTP transfer from z/OS to Unix
    ... I am always suspicious of files, ftp options, network paths (thru routers, ... firewall rules gone bad, firewall loose cables, tar pits, ... retransmitting, ftp bugs, osa bugs, windows bugs (exhausted windows ... For IBM-MAIN subscribe / signoff / archive access instructions, ...
    (bit.listserv.ibm-main)
  • Re: Hello
    ... (And the current-day Bugs are ... Download a trojaned file that infects you. ... Leave the firewall off and a worm infects you. ... Does the network shield in Avast actually ...
    (rec.games.computer.ultima.dragons)
  • Re: Firewalls, annual licence fee ?
    ... Is it really necessary to keep a firewall up to date all the time? ... Bugs in firewalls are common, just like bugs in an other complex ... Some vendors have a "free software upgrades for life" policy. ... Some vendors have a "No updates without a contract" policy. ...
    (comp.security.firewalls)