Firewall Wizards mailing list archives
Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls
From: Barney Wolff <barney () databus com>
Date: Tue, 26 Aug 2003 20:58:46 -0400
On Tue, Aug 26, 2003 at 05:07:46PM -0400, Marcus J. Ranum wrote:
Sorry - I'm feeling extremely curmudgeonly today. In my inbox I had *5* reports of mission-critical networks that were taken down by various worms in the last week. Why's that? On the surface, the answer is "RPC bug" but the REAL answer is "people should not be connecting mission-critical networks to the Internet - even with firewalls." A small handful of us have been singing this song quietly in the corner for about 12 years, now. Is anyone going to ever "get it"??
Alas, for the latest round merely being not Internet connected would not have been good enough. An infected immigrant laptop is enough to take down any isolated net. For a sufficiently rich and motivated org, I'd advocate changing the Ethertype of IP from 800, just to make it harder to connect conventional equipment by accident. Does even NSA do anything like that? -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Apple's iSight and Firewalls Jim Seymour (Aug 20)
- Re: Apple's iSight and Firewalls Bartek Krajnik (Aug 25)
- Setting up H323 IP telephony etc - was Re: Apple's iSight and Firewalls Bret Watson (Aug 26)
- Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Marcus J. Ranum (Aug 26)
- Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Paul Robertson (Aug 26)
- Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Frederick M Avolio (Aug 26)
- Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Bret Watson (Aug 27)
- Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Frederick M Avolio (Aug 27)
- Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Marcus J. Ranum (Aug 28)
- Setting up H323 IP telephony etc - was Re: Apple's iSight and Firewalls Bret Watson (Aug 26)
- Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Barney Wolff (Aug 27)
- Re: Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls Marcus J. Ranum (Aug 27)
- Re: Apple's iSight and Firewalls Bartek Krajnik (Aug 25)
- Re: Setting up H323 IP telephony etc - was Re: Apple's iSight and Firewalls Bartek Krajnik (Aug 28)
- <Possible follow-ups>
- RE: Apple's iSight and Firewalls Dave Killion (Aug 20)
- RE: Apple's iSight and Firewalls black (Aug 21)
- RE: Apple's iSight and Firewalls Dave Killion (Aug 21)