nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Have they stopped teaching Defense in Depth?

From: Leigh Porter <leigh.porter () ukbroadband com>
Date: Wed, 16 Nov 2011 13:46:16 +0000



-----Original Message-----
From: Jay Ashworth [mailto:jra () baylink com]
Sent: 16 November 2011 13:38
To: NANOG
Subject: Re: Have they stopped teaching Defense in Depth?

----- Original Message -----

From: "Jimmy Hess" <mysidia () gmail com>



Or, the attack is against a legitimate user's outbound connection,

for example:

a user behind the firewall connects to a web site, a vulnerability
in their browser is exploited
to install a trojan -- the trojan tunnels to the attacker over an
outgoing port that is allowed on the firewall.


Oh, certainly; I have lots of web browsers running on my servers.

All The World Is Not A Workstation, guys.


I think the point is that you access your servers from your work station and so if the workstation you use to access 
the network is compromised then your whole network is potentially compromised.

--
Leigh



______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
Previous By Date Next
Previous By Thread Next

Current thread: