Firewalls: Re: Hey the crackers have a new twist 8-(.

Firewalls
(March 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Hey the crackers have a new twist 8-(.
From:	IPoynter @ dataware . com
Date:	Tue, 29 Mar 1994 09:54:16 -0500
To:	Ian Dunkin <imd1707 @ ggr . co . uk>, Eric Murray <ericm @ microunity . com>, Sean McLinden <sean+ @ andrew . cmu . edu>, firewalls @ greatcircle . com, rouilj @ terminus . cs . umb . edu

At 12:29 PM 3/29/94, Ian Dunkin wrote:

>Actually, it occurs that in this second scenario -- a confederate of the
>baddies, perhaps a disaffected employee inside your network -- even
>authentication of outbound connections wouldn't help you: if this
>insider is `trusted' -- allowed to make outbound connections through
>(say) your telnet application gateway -- then she can if so determined
>misuse this channel anyway (eg:

No firewall can help you against a disaffected employee in all situations.
The only recourse in this case is to have a well thought out and well
spelled out security policy.  This way at least the disaffected employee
knows what the consequences of their actions will be.  People are always the
security problem, and sooner or later any security problem is going to turn
into a "people problem".

Ian

-----
Ian Poynter						ian @
 world .
 std .
 com
Home: (617) 338-9639	Work: (617) 621-0820
I can also be reached as ian @
 dataware .
 com
<Insert your favorite standard disclaimer here>

Indexed By Date	Previous:	FAQ --- cheap packet screening tools From: ellerman @ rzdspc2 . informatik . uni-hamburg . de (Uwe Ellermann)
Indexed By Date	Next:	Re: mis-use of telnet (was: Re: Hey the crackers have a new twist...) From: lacoursj @ uprc . com (Jeffrey D. LaCoursiere)
Indexed By Thread	Previous:	Re: Hey the crackers have a new twist 8-(. From: ajl @ Orion . MC . Duke . EDU (Arne J. Ludwig)
Indexed By Thread	Next:	Re: Hey the crackers have a new twist 8-(. From: pjh70 @ eng . amdahl . com (Patrick J Horgan)