Firewall Wizards mailing list archives
RE: Worms, Air Gaps and Responsibility
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 5 May 2004 15:30:52 -0400 (EDT)
On Wed, 5 May 2004, Karl Mueller wrote:
Maybe one reason is this the trend to route mission critical info over the Internet (albeit over VPN tunnels). We'd like to say that you MUST use private lines for really secure information, but money tends to talk in these situations. Since a lot of networks span multiple sites, and WAN prices don't scale well, buisnesses are turning to the Internet and VPNs as a way to make their sites well-connected without the cost of a full-mesh FRS or private-line network. Of course a well-configured VPN router will block all traffic that does not come through the tunnel, this is still not an 'air gap' since you're still physically connected to the Internet. In this case, one small config error on your firewall/VPN endpoint opens up your entire network to the Internet.
And the present state of VPN madness does not, often mitigate much risk, trojan packets once a system is hit will flow over the VPN as well as any open/unencryted route. Far too often VPN's are the lazy-mans way if implementing segregation/seperation. Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Worms, Air Gaps and Responsibility Paul D. Robertson (May 05)
- RE: Worms, Air Gaps and Responsibility Karl Mueller (May 05)
- RE: Worms, Air Gaps and Responsibility R. DuFresne (May 05)
- RE: Worms, Air Gaps and Responsibility Ben Nagy (May 05)
- Re: Worms, Air Gaps and Responsibility Devdas Bhagat (May 05)
- Re: Worms, Air Gaps and Responsibility Marcus J. Ranum (May 05)
- Re: Worms, Air Gaps and Responsibility Einar Indridason (May 06)
- Re: Worms, Air Gaps and Responsibility Rogan Dawes (May 05)
- Re: Worms, Air Gaps and Responsibility Mason (May 06)
- Re: Worms, Air Gaps and Responsibility Chris Pugrud (May 07)
- Re: Worms, Air Gaps and Responsibility Rogan Dawes (May 07)
- Re: Worms, Air Gaps and Responsibility Mordechai T. Abzug (May 06)
- Re: Worms, Air Gaps and Responsibility Jim Seymour (May 06)
(Thread continues...)
- RE: Worms, Air Gaps and Responsibility Karl Mueller (May 05)