>From: Bill Wohler <wohler@sap-ag.de>
>Date: Mon, 23 Nov 1992 21:26:38 +0100
>Subject: what shall thy firewall hardware be?
...
>just occurred to me that i might not be able to get two network
>interfaces in the hp 710. if this is the case, what is the danger
>in setting up the router so that it only passes traffic from both
>the external and internal networks only to the gate? is it better
>to get a gate that has two network interfaces?
I think it would be _much_ better to use two physically separate
interfaces. This anticipates the possibility of future methods of break-in
which might bypass the filtering mechanism on the router.
Consider the following possibility: a disgruntled employee writes a
trapdoor routine into the assembler code in the router's kernel, so that
he can reset the filtering mechanism(s), perhaps even without it being
logged. Because it's assembler, or Forth, it doesn't get noticed ...
Let's extrapolate a little further and say that this gets out into the
grapevine, and, crackers having learned not to boast, it stays a secret,
used by only a few, and never comes to the attention of CERT.
Those two physically discrete interfaces may now be all that's left of
your firewall, and whatever logging is in place may be all that you have
by which to detect such a break-in, if they don't actually try to break in
to the gateway itself (which is, of course, being closely monitored at
all times).
Also, two interfaces makes for better throughput ...
-- richard
=====
-- richard childers rchilder@us.oracle.com 1 415 506 2411
oracle data center -- unix systems & network administration
Klein flask for rent. Inquire within.
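The argument in the reply above, as an added example that is not part of the original thread: a small reachability model over two constructed topologies (single-interface gate behind a screening router versus a dual-homed gate), showing that once the router's filter is reset the single-interface layout exposes the internal network directly, while in the dual-homed layout every path from outside still ends at the gate. The node names and the policy functions are assumptions of the model, not a real network.

```python
# Added example: reachability model of the two gateway layouts discussed
# in the thread. Hosts, links and policies are constructed here (assumed).
from collections import deque

def build(topology, router_filter_intact):
    """Return (adjacency, forwarding-policy) for the chosen layout."""
    links = {"external": set(), "router": set(), "gate": set(), "internal": set()}
    def link(a, b):
        links[a].add(b)
        links[b].add(a)
    link("external", "router")
    link("router", "gate")
    if topology == "single-interface":
        link("router", "internal")   # one router segment carries both sides
    else:                            # "dual-homed"
        link("gate", "internal")     # internal net sits only behind the gate

    def allowed(prev, node, nxt):
        # Screening router: with its filter intact it only passes traffic
        # to or from the gate; with the filter reset it forwards anything.
        if node == "router" and router_filter_intact:
            return nxt == "gate" or prev == "gate"
        # An application gateway relays at the application layer; it never
        # forwards packets between its interfaces, so no direct path goes through it.
        if node == "gate":
            return False
        return True
    return links, allowed

def direct_path(topology, router_filter_intact, src="external", dst="internal"):
    """Breadth-first search for a packet-level path src -> dst, or None."""
    links, allowed = build(topology, router_filter_intact)
    queue, seen = deque([(src, [src])]), {src}
    while queue:
        node, path = queue.popleft()
        if node == dst:
            return path
        prev = path[-2] if len(path) > 1 else None
        for nxt in sorted(links[node]):
            if nxt in seen or (node != src and not allowed(prev, node, nxt)):
                continue
            seen.add(nxt)
            queue.append((nxt, path + [nxt]))
    return None

def exposure_table():
    """Map (topology, filter_intact) -> True if the internal net is directly reachable."""
    return {(topo, intact): direct_path(topo, intact) is not None
            for topo in ("single-interface", "dual-homed") for intact in (True, False)}
```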