RSS
Twitter
Do Firewalls Lead To Feelings Of False Security?
from the feeling-safe-may-be-an-illusion dept
Earlier this month we posted an article pointing out that if you can get behind the firewall of a company it may be very easy to install a spying device. Simson Garfinkel's latest column goes beyond this to point out that many companies incorrectly think their firewall makes them secure, when they often just cause more problems. As an example, he says he visited a friend's office recently, and plugged his laptop into an open ethernet port to check his mail. The system wouldn't let him check mail, because he wasn't configured for the firewall, but he had full access to the internal network (including other people's emails). As he points out, this ethernet jack should have been either turned off, or should have set off some sort of alarm that an "unregistered" machine tried to access it. He also points out that firewalls often get worse over time, because sysadmins open up "temporary" holes in the firewall because some exec needs to access something. Those temporary holes tend to become permanent once people forget about them.
Reader Comments
(Flattened / Threaded)
here's a safety tip
1. Take the computer off all networks
2. Place the computer in a vault with a 40-ton door
3. Place armed guards around the perimeter
4. Place video cameras everywhere
5. Install the most sophisticated security system known to man.
(reply to this comment) (link to this comment)
Add Your Comment