-- more on -- could AOL be a hole that lets worms through corporate firewalls?

[Dave Farber <dave () farber net>]

> Date: Sat, 23 Aug 2003 16:15:35 +0200
>
>
> David,
>
> If you post my reply please kill my headers + from address.
>
> On Friday, Aug 22, 2003, at 21:49 Europe/Berlin, Dave Farber wrote:
>
> > > After some investigation, I determined that when the AOL client is run 
> > > via TCP (not AIM, not AOL via the web), it creates a new virtual device 
> > > with an AOL-assigned IP address.
>
> Eric -
>
> Interesting, I always figured they just ran their own internal protocol 
> over the tcp/ip connection. Something to watch out for. However, for the 
> virus flood to affect your network you do not need any such complicated 
> scenarios. Where I work - a large European airline - the last I heard of 
> the lovesan investigation was that the assumption was that the virus was 
> carried into the company network via notebook. Many employees who have 
> company-owned notebooks take them home in the evening and presumably 
> connect them to the internet via dialup. No IP tunnel needed. Protecting 
> against this is probably nearly impossible; it boils down to a good and 
> fast patch management of ALL corporate windows machines.

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/