Security Basics mailing list archives

Re: what should I do when....


From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 10 Jul 2008 14:24:35 +0200

On 2008-07-10 Rivest, Philippe wrote:
It is false, and the reason is that a firewall is just a device to protect
from a few vectors of attack. If you want to bullet-proof a system you
need to adopt a broader solution.

Bullet-proofing also "just protects from a few attack vectors". Body
armor does not protect you from drowning or falling out of a 20th story
window, nor does it necessarily protect you from attacks with knives,
grenades or various other weapons.

Firewall won't help:
1- physical attack

Physical security may very well be part of a firewall concept. To some
extent at least.

2- session hijacking

Filtering Proxies may also be part of a firewall concept.

3- virus put into an email

E-mail filtering may also be part of a firewall concept.

4- user browsing & install bad software

User browsing can be proxied, the proxy being part of your firewall
concept. Software installation is actually the only thing in your list
that isn't part of a firewall concept.

A firewall is (or can be) far more than a mere packet filter.

Besides, I didn't say that bullet-proofing a system is the same as
firewalling a system, but that both tasks are equally difficult.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

