Re: Esafe Protect Gateway (CVP) does not scan virus under some

[alonr () EALADDIN COM (Alon Rotem)]

Dear Mr. Van der Kooij,

On 23/03/2000 20:17:33 CET Hugo.van.der.Kooij wrote:
> On Thu, 23 Mar 2000 alonr () eAladdin com wrote:
>
> > The trade off between performance and protection sufficiency is a well
> > known issue in the world of data security. As suggested by Mr. Van der
> > Kooij, it is possible to make files go through eSafe Gateway without
being
> > scanned for viruses, thus creating security holes. eSafe believes that
> > relying on file extension in order to avoid threats and virus assaults
is
> > highly efficient. This is definitely not due to a "flawed design". We,
at
> > eSafe, believe that it is possible to achieve a high level of security
and
> > privacy, while relying on the files extensions. In order to gain good
> > security, and, at the same time, good network performance, it is
possible
> > (and recommended) to avoid scanning of files that are predefined as
"Safe"
> > (or files that are not defined as "Dangerous"). It would often be
redundant
> > to scan each and every file which goes through the system.
>
> The fact that ESP does not allow a security officer to make a company
> strategy but forces a strategy upon it's customers is dangerous and for
> some clients unacceptable.

You may have overlooked the paragraph prior to that one: It is possible to
inspect each and every file on the system. eSafe Gateway allows any system
administrator implement any company security policy. Again, we believe that
cutting down the number of files which are defined as dangerous is an
optimal balance, but a worried administrator can avoid that policy and
suspect any file regardless of its extension.

> > It is agreed that files renaming is a common action that can be easily
> > performed by anyone who can use an alphanumeric keyboard, but If a
hacker
> > sends an infected executable file masqueraded with a "TXT" or an "MPG"
> > extension, it is the user's job to get the file, save it to his local
disk,
> > rename it to a valid executable, and then run it. Such a user can also
> > bring an infected floppy disk from home and spread a virus in the
company's
> > internal network, or format his own hard disk manually. The damage and
the
> > user's involvement in damaging the system would be more or less
equivalent.
> Using a system without floppy drives and using an operating systems that
> does not allow users to do such harmfull activities is a path chosen by
> some companies.
> Telling someone they should not put a lock on the frontdoor because they
> may have an open backdoor is a poor excuse for a locksmit that was ordered
> to secure the frontdoor.

This was just an example by which malicious or unprofessional users can do
harm by becoming involved. I know perfectly well that some companies do not
allow floppy disks, and that on most operating systems you can easily
restrict high system security standards. Again, if you are worried about
what your users might or might not do, do not trust them, and if you are
worried about files with innocent extensions coming into your network,
apply the policy that enforces scanning of each and every file. There is no
back door here, and the front door is left perfectly locked.

> > In conclusion, Mr. Van der Kooij has insinuated that according to eSafe
> > there is "No fix available". The subject described above is not a bug,
nor
> > a security problem. Hence, no fix is needed. eSafe Gateway provides
> > excellent security and safe network environments.
>
> Unfortunatlyy your Dutch office does not concur nor does your development
> centre. The Dutch office informed me the issue is no know by the ID:
> DR/047 and being handled by the development crew.
>
> The overal message you are sending is that we should be confident that any
> file passed through uninspected can't be harmfull in any way. However my
> customers don't agree and find this unacceptable and so do I.
>
> The purpose of the BugTraq mailinglist is to inform people of known
> problems and if possible to solutions or at least of workarounds.
> Unfortunatly there is no usable workaround.
>
> My customers don't just expect that they will not be harmed by a virus but
> that a maximum effort is done to prevent any harmfull activities. At
> present ESP does not live up to that expectation because someone made a
> choice that they find an unacceptable security breach.

Again, we are getting back to where we started: eSafe does not tell you to
trust any file. It your privilege as an administrator to enforce any policy
you find safe. We do not need a workaround, since there is nothing to work
around. You do not have to be expect an environment in which no virus will
enter your system, with eSafe Gateway you can create such an environment.
eSafe can scan any file you want. Of course you will lose some network
performance, because most Internet traffic is not harmful, but eSafe does
not tell you to rely on that.

            Sincerely,
                Alon Rotem
               Software Engineer

Phone: [+972 4] 8811441
e-mail: alonr () eAladdin com
Listen to my music at:
http://www.audiogalaxy.com/bands/alonrotem

Aladdin. Securing The Global Village

Ashlag 22, Haifa, Israel
Tel:   +972 4 872-8899 Fax: +972 4 872-9966
Visit us at our Web site!  http://www.esafe.com

Aladdin supports Idealist. Visit http://www.idealist.org