Firewall Wizards mailing list archives
RE: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe)
From: "Stiennon,Richard" <richard.stiennon () gartner com>
Date: Fri, 3 Aug 2001 07:31:06 -0400
-----Original Message----- From: Joseph Steinberg [mailto:Joseph () whale-com com] Sent: Thursday, August 02, 2001 12:23 PM To: firewall-wizards () nfr com Subject: [fw-wiz] Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) <snip>
BTW: The generic Code Red worm may just deface and connect >outward, but
the
same vulnerability could have been exploited to steal the >information on
the
web server, or turn it into a host for a staged attack against >other DMZ/internal machines. As the vulnerability is at the >application-level, a firewall will not likely mitigate against this.
Unless that firewall has a strong application proxy! -Stiennon _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) dave . goldsmith (Aug 04)
- <Possible follow-ups>
- RE: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) Stiennon,Richard (Aug 04)