Firewall Wizards mailing list archives
Re: Linux Firewall on CD
From: Barney Wolff <barney () databus com>
Date: Fri, 11 Jul 2003 23:14:14 -0400
On Fri, Jul 11, 2003 at 10:29:03PM -0400, Paul Robertson wrote:
Again, the real game is going through the firewall- these days the way most are deployed, there's not much to be gained on the firewall, unless the attacker wants an open relay for spamming.
I don't understand. Presumably the firewall had some utility, or this list is a waste of time. At the very least, a compromised firewall can be turned into an "allow any to any" rule, so whatever protection it was providing is gone. Beyond that, the firewall makes a wonderful base for further attacks, as it has interfaces on trusted inside and management networks. Surely this is obvious, so I must be missing your point. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Linux Firewall on CD james mcdermott (Jul 11)
- Re: Linux Firewall on CD Steve Ellis (Jul 11)
- Re: Linux Firewall on CD Paul Robertson (Jul 11)
- Re: Linux Firewall on CD Marcus J. Ranum (Jul 11)
- Re: Linux Firewall on CD Paul Robertson (Jul 11)
- Telnet & ftp issues Jyotish K Sen Gupta (Jul 12)
- Re: Linux Firewall on CD Barney Wolff (Jul 12)
- Re: Linux Firewall on CD Paul Robertson (Jul 12)
- Re: Linux Firewall on CD Marcus J. Ranum (Jul 11)