Educause Security Discussion mailing list archives
Re: When is a firewall not a firewall?
From: Omar Herrera <omar_herrera () BANXICO ORG MX>
Date: Fri, 5 Sep 2003 15:45:32 -0500
Mh, Antivirus products would also be vulnerable to this sort of "race condition". There used to be problems with boot sector viruses loading before the AV and engaging in stealth mode.

Things are changing now and it's been a long time since I last heard of a boot sector virus infection, but in theory, the vulnerability remains. Viruses might, for example, replace service executables that are loaded before AV upon infection, giving them the advantage after a reboot.

Other security controls could be affected as well (access control smartcards for example?)

Omar Herrera, CISSP
Instituto Tecnológico y de Estudios Superiores de Monterrey, Mexico City Campus
Information security topic and laboratory

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On behalf of Gary Flynn
Sent: Friday, September 05, 2003 03:32 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] When is a firewall not a firewall?

Hahn, Jacob wrote:
> IP Security policies that are built in to the local and group policies
> may provide what you are looking for. The real beauty of the group
> policy based IP Security policies is that they can be centrally managed
> via active directory.

I'm experimenting with them now and they leave a period of vulnerability during boot too. Several seconds just before the logon prompt, a specifically blocked port (135) was reported open by nmap. This was done using local policy (i.e. ipsecpol -w REG). I doubt group policy would be any different.

--
Gary Flynn
Security Engineer - Technical Services
James Madison University