On Mon, 6 Mar 1995 peter @
nmti .
com wrote:
> How does FW-1 deal with a "trojan horse" attack (user downloads a neat program
> that opens up a TCP connection to a throwdown server on some freenet somewhere
> and lets the perp in that way)? At least with a proxy firewall the trojan horse
> would have to be tailored to the specific site under attack...
> --
...and it doesn't butter your toast either. Are you really worried about
this? Transparent proxy-type firewalls would have the same vulnerability.
And the sole protection of the non-transparent types is security by
obscurity, which you can't count on. Superhacker would probably set up the
first trojan horse to email back whatever information is needed, so that
the second version could be tailored to complete the conquest.
Corporations with serious concerns about such bombs simply do not allow
any importing of software. How effective this is remains to be seen, since
it is impossible to recognize every covert channel that might be set up.
Looks like we have to dismantle the internet, it's too risky. :-)
> Peter da Silva
`-_-' > Network Management Technology Incorporated 'U`
> 1601 Industrial Blvd. Sugar Land, TX 77478 USA
> +1 713 274 5180 "Hast du Heute schon deinen Wolf umarmt?"
>
>
-----------------------------------------------------------------------
Ed Strong EMAIL: ems @
ccrl .
nj .
nec .
com
-----------------------------------------------------------------------
Follow-Ups:
References:
|
|
