funsec mailing list archives
Re: This sounds like a security disaster just waiting to happen...
From: Jason Ross <algorythm () gmail com>
Date: Wed, 29 Apr 2009 16:05:47 -0400
On Wed, Apr 29, 2009 at 15:27, Steve Pirk <orion () pirk com> wrote:
On Wed, 29 Apr 2009, Larry Seltzer wrote: ...When IT enables BranchCache, a copy of data accessed from an intranet web site or a file server is cached locally within the branch office. When another user on the same network requests the file, the user gets access to the content almost immediately as it is downloaded from the local cache rather than over a limited bandwidth connection back to headquarters. Flexible Architecture... So, Microsoft has implemented a squid like server as part of their gateway solution for office connections to the net. If done correctly, sould be safe enough, no?
Not exactly squid like. The more interesting bit is further down: "In the second mode, called Distributed Cache, a branch server is not required, as copies of files are directly cached on PCs in the branch and sent to other Windows 7 clients as needed" P2P squid. Now what happens when a user decides to inject malicious code into the cached files... It'd be interesting to see what steps were taken to prevent that from occurring. -- jason _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: This sounds like a security disaster just waiting to happen... Juha-Matti Laurio (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Larry Seltzer (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Steve Pirk (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Jeff Kell (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Valdis . Kletnieks (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Steve Pirk (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Larry Seltzer (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Valdis . Kletnieks (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Steve Pirk (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Jason Ross (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Jon Kibler (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Paul Ferguson (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Larry Seltzer (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Rich Kulawiec (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Steve Pirk (Apr 29)
- Re: This sounds like a security disaster just waiting to happen... Rich Kulawiec (May 03)
- <Possible follow-ups>
- Re: This sounds like a security disaster just waiting to happen... Juha-Matti Laurio (Apr 29)