>>>>> On Thu, 13 May 1993 22:10:42 +0000, vince @
dsi .
unimi .
it (David Vincenzetti) said:
vince> What do you mean by ``cloaking version of FSP''? Do you think
vince> it is possible to fool up a firewall by just changing a port
vince> number? If so then any nasty hacker just have to set up a
vince> non-standard telnet daemon which binds to port 37672 and you
vince> won't notice he's accessing your system.
Exactly, assuming you are not filtering incoming SYN packets (in which
case, say goodbye to FTP.) The bottom line - anyone on the inside will
be able to compromise your most elaborate security measures.
In security, there are no technical solutions to personnel problems.
-Rens
--
o===============================================================o
| J. Laurens Troost - UNIX Systems | At Work: rens @
imsi .
com |
| Investment Management Svcs, Inc. | At Play: rens @
century .
com |
| 12 East 49th Street, 35th floor | Phone: (212) 339-2823 |
| New York, New York 10017 | Fax: (212) 444-1980 |
o===============================================================o
-- IMS is unlikely to share any of the above opinions --
References:
|
|
