RE: CRIME AOL Backdoor?

From: Andrew Plato (aplato@private)
Date: Mon Jun 24 2002 - 19:11:48 PDT

Next message: Alan: "RE: CRIME AOL Backdoor?"

Previous message: Crispin Cowan: "Re: CRIME AOL Backdoor?"
Maybe in reply to: Jeffrey_Korte/Security/FCNB/Spgla@private: "CRIME AOL Backdoor?"
Next in thread: Alan: "RE: CRIME AOL Backdoor?"
Reply: Alan: "RE: CRIME AOL Backdoor?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Object lesson: Firewalls are *useless* at preventing the exporting of 
> content from your site. If someone inside is determined to 
> get some kind 
> of protocol to talk to something outside, and you allow *any* kind of 
> connection out, then they can obscure or encrypt the traffic 
> so that you won't see it.

Which is why you need an IDS on both sides of that firewall - preferably
every box in your organization. It isn't enough to stop traffic. Got to
sniff it and see if there's anything stinky in those payloads. Ewwww,
FTP over DNS. 

:-)

------------------------------------
Andrew Plato, CISSP
President / Principal Consultant
Anitian Corporation

(503) 644-5656 office
(503) 201-0821 cell
http://www.anitian.com
------------------------------------

application/x-pkcs7-signature attachment: smime.p7s

Next message: Alan: "RE: CRIME AOL Backdoor?"
Previous message: Crispin Cowan: "Re: CRIME AOL Backdoor?"
Maybe in reply to: Jeffrey_Korte/Security/FCNB/Spgla@private: "CRIME AOL Backdoor?"
Next in thread: Alan: "RE: CRIME AOL Backdoor?"
Reply: Alan: "RE: CRIME AOL Backdoor?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jun 24 2002 - 19:58:04 PDT