Re: SECURITY Digest - 23 Sep 2005 to 26 Sep 2005 (#2005-176)

["Cary, Kim" <Kim.Cary () PEPPERDINE EDU>]

Ah, Valdis, you got me with the very apt Star Wars quote:

> "The more you tighten your grip, Tarkin, the more star systems will slip
> through your fingers." -- Princess Leia Organa
>
> Anybody who's following this security strategy needs to figure out what
> their endgame strategy is going to be once only ports 80 and 443 are
> allowed.....
Yes, the logical end-game is a caution and no mistake, but that lesson
applies to the present. So, if someone is trying to get rid of Yahoo
messenger, then, block the destinations? Go for the deep packet
inspectors? We are not planning on this at present, but there are
analogous issues. What are schools using to check for non-protocol
traffic on standard protocol ports? Even Packeteer, whose game is doing
just that, seems unable to get more than a B- at protocol fingerprinting.