RE: FW: Is this for real (e-Gap from Whale Communications)

["Squire, Jonathan" <Jonathan.Squire () dowjones com>]

> A problem that didn't get much play in Squire's review...
>
> IMHO the e-gap mechanism shares the same fatal flaw as the competition
> (firewalls, guards, etc) -- since it passes data, *and* data 
> today contains
> executable logic, then people can always find a way to attack 
> the inside
> via hostile logic (macro viruses, malicious applets, 
> whatever). The e-gap
> technology doesn't do a thing about any of this itself. In 
> fact, their web
> information suggests that they can only address such problems 
> via filtering
> installed on the "trusted" side. 

Rick makes a good point here that I didn't address. Depending on what data
is transmitted through the device you could send malicious code)... remember
this device is sneaker-net-like in their own words, so you could send a word
document through it and it contains a macrovirus that sends your credit
cards back through it.


> I've heard rumors that people have even done IP embedded in SMTP
> e-mail, though perhaps that's another security urban legend. 

it's been done, though I never used the code:
http://www.detached.net/mailtunnel.html

-Jon Squire
Information Security Auditor
Dow Jones & Company

--
My words are my own, they represent my views... do not assume they represent
anything but my own views.