Ok, so now we have a firewall, we're safe, right?

["Paul D. Robertson" <paul () compuwar net>]

http://www.theinquirer.net/?article=23575

(should lead to the next URL w/o registration in the more link at the
bottom:)
http://www.smh.com.au/news/Breaking/18-in-Israel-accused-of-hightech-spying/2005/05/30/1117305525972.html?oneclick=true

If ever there were a wakeup call for people to start analyzing their
firewall logs, this is it-  nobody at any of the companies involved figured
this out due to firewall logs, an author figured it out because their
unpublished book was leaking.

http://www.israelnewsagency.com/israelinternetspydefensearrests5540530.html

Seems to also intimate the Trojan being injected via autorun CDs.  Anyone
require users to provide copies of CDs received in the mail to their
security department for later evidence gathering?

AV isn't going to be effective against most custom Trojan Horses.  We're
going to see more of this in the future- "Hey, I'm a Volvo dealer- I don't
have anything important on-line" or "We're a hardware store, we couldn't
possibly be a target!"  Guess what?  It doesn't take much to get those
cross-hairs pointed at you, no matter what line of business you're in.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards