Re: How safe for firewall rule using 127.0.0.0/8
From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: Wed, 26 Oct 2005 14:51:15 -0500
In the Usenet newsgroup comp.security.firewalls, in article
<x0D7f.email@example.com!nnrp1.uunet.ca>, Somebody. wrote:
>Hey Moe, how about my SSL VPN client example? What do you think?
If you don't know what's inside that VPN, you have a problem that
basic firewalls shouldn't have to deal with. At work, the solution
is quite simple - no VPNs period. I know what my "normal" network
traffic looks like, and when I see something out of the ordinary,
In your 23:48:00 UTC response to Juergen Nieveler, you are concerned
about a "nefarious VPN client, installed by a web site". Why the f*ck
would you allow that to be installed in the first place? Crap like
that does not get installed by magic - it gets installed by untrained
users who are using incompetently configured software.