Re: Taking Testing a Firewall to the extreme

[Dominique Brezinski <dominique.brezinski () cybersafe com>]

At 05:26 PM 9/30/97 +0100, you wrote:
> OK, so call this OTT, (and Marcus...stop me when I go too far!)
>
> Does the group consider the use of Electro-Magnetic Radiation scanning
> tools, keyboard taps etc. outside the scope of a 'normal' test.

I would not consider it part of a normal firewall test per se, but rather
part of network or computer security assessment and risk analysis. Having a
firewall run on TEMPEST hardware is of little benefit if the rest of the
network is not shielded. If Van Eck attacks are truely a justified risk in
your environment, then a majority of your information processing equipement
will need to conform to TEMPEST and specific physical security standards,
not just the firewall. Does this make sense? 

> I suppose one has to define what a 'normal' penetration test is, and
> certainly it ain't the job of a firewall to cater for that type of
> compromise, but more the job of the policy.

Well, it will be part of a normal security assessment if it is justified by
the risk analysis. In classified environments it surely is.

> My $0.02
> -------------------------------------------------------------
> Edward Cracknell - <edward () SecurIT net>
> Security Administrator


Dominique Brezinski
----------------------------------------------------
My opinions expressed here, and in any public forum, 
are my own and do not represent those of my employer 
or its clients.  I am an individual.