No, layer 8 is economics, and layer 9 is politics. Since
OSI layers rely on the lower layers, it's not possible to
build an intelligence layer on top of that.
Ryan
"Stout, William" <StoutW @
pioneer-standard .
com> on 04/03/98 01:00:32 PM
To: "'Firewalls @
GreatCircle .
COM'" <Firewalls @
GreatCircle .
COM>
cc: (bcc: Ryan Russell/SYBASE)
Subject: Unwanted data appears inside firewalled network
<sarcasm>
Unwanted data continues to infiltrate our protected network via SMTP,
HTTP, NNTP, floppy disks, RAS connections, and VPNs .
We have a strong firewall. What gives?
</sarcasm>
Firewalls based on the OSI layers don't work. We need AI/fuzzy logic
(OSI layer 8 = intelligence?).
Say a cracker builds network attack at OSI layer three. You build a
perimeter wall up to layer three, called a packet filter to his traffic
out of your domain.
The cracker builds an application attack. You raise your perimeter wall
to layer seven with a proxy.
The cracker builds onto that application (viruses, SPAM, etc). The
cracker is looking over your wall again. Now what? We ran out of OSI
layers to build our wall.
We're mentally confined to this completely artificial layer model.
Crackers aren't. We could build an AI system on the perimeter wall to
add intelligence on the firewall. Or we could build a network-wide
management system (tied into firewalls, virus scanners, & IDS probes) to
create a 'ceiling' across the perimeter walls.
Bill Stout
______________________________________________________________________
New Bill Stout early warning (4/3/98):
Economic shock wave finally coming from Asia. Distribution chip sales
way down (1st qtr '98) in Silicon Valley. Other industries to follow.
Stock market will drop. Prepare your finances.
See: http://www.intel.com/pressroom/archive/releases/CN30498b.HTM
http://www.amd.com/news/corppr/9802.html
http://www.national.com/news/1998/9803/q3fy98.html
|
|
