Firewall Wizards mailing list archives
RE: Worms, Air Gaps and Responsibility
From: "Paul D. Robertson" <paul () compuwar net>
Date: Wed, 12 May 2004 13:51:55 -0400 (EDT)
On Wed, 12 May 2004, Claussen, Ken wrote:
Paul, Even Cisco is not immune to the exploits.
My point was that given the platform's ubiquity, we hadn't seen a worm- that doesn't mean it's not possible to do one, it means that it's not a given that ubiquity equates to common and automatic malcode exploitation. In fact, the point that we've had Cisco exploits in the past simply underlines the fact that ubiquity isn't the only driver for mass malcode exploits.
I have read several mentions of issues with corporate desktops and no one has mentioned the use of Group Policy through AD to control which EXEs are allowed to run by a user. This is one of the best methods to stop malicious code at the desktop level. While it may be painful to setup initially it is effective in many cases. In order to bypass this, malicious code would need to use an "approved" EXE to launch itself. This raises the bar significantly. Ken
Indeed, Wes used to evangelically espouse using ISA server to do much the same thing for Internet stuff. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Worms, Air Gaps and Responsibility, (continued)
- RE: Worms, Air Gaps and Responsibility R. DuFresne (May 07)
- RE: Worms, Air Gaps and Responsibility Melson, Paul (May 07)
- Re: Worms, Air Gaps and Responsibility Adam Shostack (May 07)
- Message not available
- RE: Worms, Air Gaps and Responsibility Marcus J. Ranum (May 07)
- Re[2]: Worms, Air Gaps and Responsibility Jean-Denis Gorin (May 07)
- RE: Worms, Air Gaps and Responsibility Mike McNutt (May 10)
- RE: Worms, Air Gaps and Responsibility Gwendolynn ferch Elydyr (May 10)
- RE: Worms, Air Gaps and Responsibility Victor Williams (May 11)
- RE: Worms, Air Gaps and Responsibility Gwendolynn ferch Elydyr (May 10)
- RE: Worms, Air Gaps and Responsibility Claussen, Ken (May 12)
- RE: Worms, Air Gaps and Responsibility Claussen, Ken (May 12)
- RE: Worms, Air Gaps and Responsibility Paul D. Robertson (May 12)
- RE: Worms, Air Gaps and Responsibility Dana Nowell (May 13)
- RE: Worms, Air Gaps and Responsibility Paul D. Robertson (May 13)
- RE: Worms, Air Gaps and Responsibility Dana Nowell (May 17)
- RE: Worms, Air Gaps and Responsibility Paul D. Robertson (May 17)
- RE: Worms, Air Gaps and Responsibility Dana Nowell (May 17)
- RE: Worms, Air Gaps and Responsibility Frank Knobbe (May 18)
- RE: Worms, Air Gaps and Responsibility Dana Nowell (May 18)
- Re: Worms, Air Gaps and Responsibility Adam Shostack (May 18)
- Re: Worms, Air Gaps and Responsibility Dana Nowell (May 18)
- Re: Worms, Air Gaps and Responsibility Frank Knobbe (May 18)
- RE: Worms, Air Gaps and Responsibility Paul D. Robertson (May 13)