nanog mailing list archives

Re: Have they stopped teaching Defense in Depth?

From: Jay Ashworth <jra () baylink com>
Date: Wed, 16 Nov 2011 08:36:21 -0500 (EST)

----- Original Message -----

From: "Jimmy Hess" <mysidia () gmail com>

Or, the attack is against a legitimate user's outbound connection, for example:
a user behind the firewall connects to a web site, a vulnerability
in their browser is exploited
to install a trojan -- the trojan tunnels to the attacker over an
outgoing port that is allowed on the firewall.


Oh, certainly; I have lots of web browsers running on my servers.

All The World Is Not A Workstation, guys.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274

Current thread:

Re: Arguing against using public IP space, (continued)
- - - Re: Arguing against using public IP space Owen DeLong (Nov 15)
    - Have they stopped teaching Defense in Depth? Jay Ashworth (Nov 15)
    - Re: Have they stopped teaching Defense in Depth? Mark Andrews (Nov 15)
    - Re: Have they stopped teaching Defense in Depth? William Herrin (Nov 15)
    - Re: Have they stopped teaching Defense in Depth? Owen DeLong (Nov 16)
    - RE: Have they stopped teaching Defense in Depth? Jamie Bowden (Nov 16)
    - Re: Have they stopped teaching Defense in Depth? Owen DeLong (Nov 16)
    - Re: Have they stopped teaching Defense in Depth? William Herrin (Nov 16)
    - Re: Have they stopped teaching Defense in Depth? Owen DeLong (Nov 16)
    - Re: Have they stopped teaching Defense in Depth? Jimmy Hess (Nov 16)
    - Re: Have they stopped teaching Defense in Depth? Jay Ashworth (Nov 16)
    - RE: Have they stopped teaching Defense in Depth? Leigh Porter (Nov 16)
    - Re: Have they stopped teaching Defense in Depth? Valdis . Kletnieks (Nov 16)
    - RE: Have they stopped teaching Defense in Depth? Jamie Bowden (Nov 16)
- Re: Arguing against using public IP space Dobbins, Roland (Nov 13)
  - Re: Arguing against using public IP space Jay Ashworth (Nov 13)
    - Re: Arguing against using public IP space Dobbins, Roland (Nov 13)
    - Re: Arguing against using public IP space Brett Frankenberger (Nov 13)
    - Re: Arguing against using public IP space Jay Ashworth (Nov 13)
    - Re: Arguing against using public IP space Joe Greco (Nov 13)
    - Re: Arguing against using public IP space Joel jaeggli (Nov 13)

(Thread continues...)