Re: How effective is a router as a firewall?

From: David (davidwnh_at_adelphia.net)
Date: 10/29/03


Date: Wed, 29 Oct 2003 07:01:55 GMT

A lot of things can be done internally with admin privileges without too
much worry, but once you use your web browser, email client, newsreader,
and any other class of client application to access resources on the
internet you are dealing with the devil. You have "no control" over
others' resources when you are dealing with the internet environment. MS
doesn't guarantee that their patches work, and history should tell you
why. You may only go to what you consider trusted websites, etc. but
there is no guarantee that these sites haven't been compromised and for
example had a simple well hidden malicious script or embedded link
applied to one or some of their pages. Take a look at some of the
spyware and you will see that even "legitimate" companies have been
known to use certain software vulnerabilities to get their wares
unknowingly installed. The only way you can have a totally controlled
environment is by pulling the plug on your internet connection.
Protecting one's computers and network is all about odds. Every
individual means of protection that one properly implements simply
betters their odds in preventing problems. Logging on with
administrative rights more than is necessary does not better these odds.
And using certain network-based applications with these rights when
they don't require such is careless at best.
Saying that it can be done safely because you have taken other measures
is foolish, arrogant, and oxy'moronic'. It means that someone doesn't
fully understand that the realm of possibilities when it comes to
exploits goes far past any individual's intellectual capacity (we are not
psychics), that one chooses to intentionally sacrifice some level of
security for the sake of convenience, or they don't know how or are too
lazy to implement certain features (group policy, user rights, ACLs,
etc.). Most applications will function properly using the runas feature.
You should be wary of any non administrative or non development software
that accesses network resources and doesn't allow for proper operation
under a normal user account. It should be obvious that the developers of
such software have no idea how to write secure applications unless you
are using software that was initially written for unsecure platforms in
the first place. And using old network-based software initially written
for older platforms that has not been updated to take advantage of
additional security features of newer OS versions (when there are other
alternatives) is rather foolish in itself.

>
>
> And if you have a controlled environment where you know what can get
> in/out you could safely run a fully unpatched (security patches) Windows
> system without ever having any problems.
>
>
>>Certainly, security is always a trade-off... largely that trade-off is at
>>the cost of ease-of-use. However, most modern operating systems provide
>>relatively convenient mechanisms for allowing administrators to routinely
>>use lower privileged accounts and only temporarily raise access to higher
>>privileges. Linux/unix offers 'su' and Win2K/XP offer 'runas'.
>
>
> I was already aware of this, this was never in question. It comes down
> to the working environment. I consider the subnet I'm currently posting
> this from to be secure - I control the firewall, the IDS, the Anti-Virus
> settings, the applications, and all of the users systems permissions. I
> feel confident that I can run as a member of the domain admins group
> from this subnet without any problem. There are 4 more subnets in this
> office that I would not run as a domain admin from.
>
>
>>It really is
>>not that difficult to utilize your system in such a manner where you raise
>>privileges only when you need to. Of course, having said that, I must
>>concede that many legacy Windows apps were written and designed in the days
>>of Win9x where the concepts of privileges and user contexts were essentially
>>foreign. These apps often do not play nice in setups where they don't have
>>full control over the machine. Thankfully, such apps are getting to be fewer
>>and fewer in number due to obsolescence.
>
>
> Now we're getting to the meat of it. How are you going to educate the
> zillions of home computer users on doing this? In most cases they can't
> even spell Administrator let alone know what to do about privileges.
> Most users don't have a clue, so you have to find a way to allow them to
> work and at the same time protect your network - it doesn't start at the
> desktop, it starts at the entry points for data.
>
>
>>You may continue to run in fully privileged accounts, and you may, quite
>>rightly, never experience any security problems or issues whatsoever as a
>>consequence. However, I for one still do not believe that this is a wise or
>>advisable approach in the vast majority of situations.
>
>
> And I would agree that for most people, running as an administrator
> account member is very unwise. Don't get this in the wrong context, I'm
> not saying I'm lucky or some super expert, I'm saying that my
> environment is controlled, known, and secure, so I can run as a member
> of the administrators group from this system without significant fear in
> compromising the system. At the same time, I've been in offices of
> Fortune 500 companies that allowed a simple Word macro-virus to shut
> them down in less than 40 minutes (17 offices in the US were brought
> down because of a lax security plan) and one lame contractor.
>
> I understand your issue with this, but I don't see where you are
> providing a workable solution to the problem that faces your average
> computer user - telling them to not run as an administrator takes more
> work than just typing it and does not really tell them anything about
> the question.
>


