Re: what should I do when....

[Adriel Desautels <adriel () netragard com>]

Easy Sergio:

Social Engineering (my favorite), Infected USB Fob, Physical Entry.

But if you are going to do that then why not just unplug the entire 
network and do away with the firewall?

Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Sergio Castro wrote:
> Let me try to understand what you are saying. If you block ALL traffic,
> inbound and outbound, with a firewall, how then, would a hacker get into the
> system? 
>
> -----Mensaje original-----
> De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En
> nombre de Adriel Desautels
> Enviado el: Miércoles, 09 de Julio de 2008 10:00 a.m.
> Para: Ansgar -59cobalt- Wiechers
> CC: security-basics () securityfocus com
> Asunto: Re: what should I do when....
>
> Ansgar,
>         You can not bullet proof a computer system by using a firewall even
> if you block all traffic to and from that system. In most configurations
> firewalls block inbound connection attempts to *internal* systems, while
> they permit outbound attempts from those systems.
>
>         It is my opinion that firewalls are not security devices as much as
> they are traffic shaping devices. Their job is to control network
> connections and the flow of traffic, not to ensure that something can't be
> hacked.
>
> Regards,
>         Adriel T. Desautels
>         Chief Technology Officer
>         Netragard, LLC.
>         Office : 617-934-0269
>         Mobile : 617-633-3821
>         http://www.linkedin.com/pub/1/118/a45
>
>         Join the Netragard, LLC. Linked In Group:
>         http://www.linkedin.com/e/gis/48683/0B98E1705142
>
> ---------------------------------------------------------------
> Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
> Penetration Testing, Vulnerability Assessments, Website Security
>
> Netragard Whitepaper Downloads:
> -------------------------------
> Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you
> must know  : http://tinyurl.com/26pjsn
>
>
> Ansgar -59cobalt- Wiechers wrote:
> > On 2008-07-08 Weir, Jason wrote:
> > > Quote of the day....  
> > >
> > > "Bullet-proofing your systems is as easy as using a firewall"
> > >
> > > If it was only true....
> > It is quite true, you're just underestimating the task of maintaining 
> > a firewall.
> >
> > Regards
> > Ansgar Wiechers
>
>
>
> __________ NOD32 3257 (20080710) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com