Information Security News mailing list archives

Come on, own up: IT managers leave firewalls open for hackers


From: InfoSec News <isn () c4i org>
Date: Thu, 28 Mar 2002 01:02:55 -0600 (CST)

http://www.silicon.com/public/door?REQUNIQ=1017202637&6004REQEVENT=&REQINT1=52285&REQSTR1

Tuesday 26th March 2002

Too little knowledge can be a dangerous thing...
 
The number of flaws reported in firewalls has rocketed by nearly 50
per cent over the past four years because IT pros don't know how to
configure them.

A report by security testing specialist NTA Monitor found that flaws
in firewalls have increased by 45 per cent since 1998.

The researchers said the holes, which occur mainly because of poor
configuration and sloppy patching, could give hackers a way in to
corporate networks.

Companies have not learned how to install their firewalls properly,
according to Roy Hills, technical director at NTA Monitor. He said:  
"Three years ago firewalls were relatively rare, only firms who really
needed them had them - coupled with the expertise.

"Nowadays there are so many companies who need firewalls because of
the net. But they are not any easier to configure today than they were
five years ago."

But he did not put all the blame on users, adding that vendors have
not made things easy.

"There should be a way to check how you have configured your firewall.
It should be made much easier to get it right and much harder to
get it wrong," he said.

Many companies are unable to keep up with the latest vulnerabilities
because of the misconfiguration problems, the study added.

NTA Monitor said a flaw was recently identified in Check Point's most
commonly used FireWall-1 product, which allowed potential hackers to
access internal systems via HTTP, but only those companies who had
failed to configure the firewall correctly were affected.

"This kind of attack could have been prevented by proper installation
of the firewall," Hills said.




-
ISN is currently hosted by Attrition.org
