Firewall Wizards mailing list archives

RE: Tunnel intruder

From: "Desai, Ashish" <Ashish.Desai () fmr com>
Date: Thu, 10 Oct 2002 10:26:51 -0400



-----Original Message-----
From: Jim MacLeod [mailto:jmacleod () earthling net]

Does anybody know of an actual incident where this attack was used, 
successfully or not?

-----

We have had mulitple instances where consulting company(s) 
were infected with the SQL worm and then when the VPN into 
our company, the worm would try in spread the infection 
within the company. The solution we deployed is put a firewall
 between the internal company network and the VPN termination 
point in the firewall. We can block a lot of things quickly with
this firewall.

There are folks trying to push out security policies to users 
remote desktops, ie. local maching firewall config, virus defn update... 
However, it raises some interesting
policy problems if the machine is the user's personal machine 
and not a company supplied one.


Ashish
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Tunnel intruder, (continued)
- Re: Tunnel intruder Josh Welch (Oct 09)
- Re: Tunnel intruder John Adams (Oct 09)
  - Re: Tunnel intruder Frank Knobbe (Oct 10)
- Re: Tunnel intruder Harald Koch (Oct 10)
- Re: Tunnel intruder Dragos Ruiu (Oct 10)
- Re: Tunnel intruder David Kennedy CISSP (Oct 12)
- Re: Tunnel intruder Dave Piscitello (Oct 12)
- RE: Tunnel intruder Gibson, Brian (Oct 09)
  - RE: Tunnel intruder R. DuFresne (Oct 09)
- RE: Tunnel intruder Irwin Lazar (Oct 09)
- RE: Tunnel intruder Desai, Ashish (Oct 10)