[5835] in cryptography@c2.net mail archive
Re: Internal vs external threats, any references?
daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Oct 4 09:17:39 1999
Message-ID: <37F85E07.FE4D3AAF@algroup.co.uk>
Date: Mon, 04 Oct 1999 08:57:59 +0100
From: Ben Laurie <ben@algroup.co.uk>
MIME-Version: 1.0
To: amir.herzberg@il.ibm.com
Cc: Jeff.Hodges@stanford.edu, cryptography@c2.net
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
amir.herzberg@il.ibm.com wrote:
>
> Jeff says/asks,
>
> > A commonly-held conception in the commercial world (in my experience) is that
> > most threats to "corporate security" come from the Internet-at-large, and
> > therefore being behind a firewall is a Good Thing and generally Sufficient.
>
> I believe this is a very wrong notion. However I want to point out that even if
> one is concerned only/mainly about external threats, a firewall is still only a
> very limited solution. In fact, I believe firewalls are no match for a
> determined attacker, for the following simple problem with the firewall approach
> (rather than with a specific one): firewalls cannot prevent a program running on
> the internal network from bypassing it. Now, getting one program to run in one
> computer within an organization is fairly easy - any good trojan horse or virus
> can do this. So, a determined attacker can bypass any firewall - and
> organizations should use additional tools to defend. (and this time I'll stop
> here :-)

How does this trojan horse or virus get onto the targeted computer? I
don't know what you run behind your firewalls, but I certainly don't run
anything that could get trojaned or virused.

Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi