[ISN] File-compression package circumvents firewalls

From: mea culpa (jerichoat_private)
Date: Mon Feb 01 1999 - 11:32:36 PST

    http://www.infoworld.com/cgi-bin/displayStory.pl?990129.whhyper.htm
    File-compression package circumvents firewalls 
    By Matthew Nelson
    InfoWorld Electric
    
    ISV Remote Communications Inc. (RCI) has developed an application that
    speeds the transfer of HTML files, but with the unintended consequence of
    possibly enabling damaging code to pass through firewalls. 
    
    RCI's HyperSpace Data Compression software is currently in beta release
    and is expected to ship this month. The system lets users create
    compressed HTML files that can be transferred 60 percent to 70 percent
    faster across networks, RCI said. 
    
    The problem is that viruses, malicious mobile code, or other harmful
    content could also be compressed and then passed through firewalls without
    being checked, according to Peter J. Cranstone, CEO of RCI. 
    
    "I can embed anything I want in there in any format. But let's say I was a
    nasty individual and I coded up a virus. I simply turn that virus into an
    HTML document [and send it past a firewall]," Cranstone said. 
    
    RCI has been in contact with Finjan, a mobile-code security vendor, to
    address the possibilities of malicious Java Applets or ActiveX Controls
    using this delivery system. 
    
    Normally, compressed HTML files are not scanned by firewalls, unless
    specifically targeted by administrators, said officials at firewall vendor
    Check Point Software Technologies. There is potential for viruses to leak
    through the firewall, but preventive measures can be taken, according to
    Greg Smith, group manager for product marketing at Check Point, in Redwood
    City, Calif. 
    
    "The firewall can intercept any kind of traffic, including HTTP and HTML
    files," Smith said. "We can vector the traffic off to a content screening
    application so that we can protect internal network resources from
    malicious content such as viruses." 
    
    Some security company officials are aware of the possible dangers of
    compressed files, but said they believe there are bigger fish to fry at
    this time. 
    
    "It's a matter of trying to put the most bang for the effort into our
    products, and we have to approach the most immediate and important things
    that we can address," said Chris Williams, product marketing manager at
    NAI Labs, in Santa Clara, Calif. "Even if you get [a virus] past a
    firewall, you have to get it past the desktop protection." 
    
    A beta version of RCI's HyperSpace Data Compression application is
    available now from the company's Web site. A final version is slated for
    delivery later this month, with pricing yet to be determined. 
    
    Remote Communications Inc., in Littleton, Colo., is at
    www.remotecommunications.com. 
    
    Matthew Nelson is an InfoWorld senior writer. 
    
    