RE: CRIME AOL Backdoor?

From: Andrew Plato (aplato@private)
Date: Mon Jun 24 2002 - 19:11:48 PDT

  • Next message: Alan: "RE: CRIME AOL Backdoor?"

    > Object lesson: Firewalls are *useless* at preventing the exporting of 
    > content from your site. If someone inside is determined to 
    > get some kind 
    > of protocol to talk to something outside, and you allow *any* kind of 
    > connection out, then they can obscure or encrypt the traffic 
    > so that you won't see it.
    
    Which is why you need an IDS on both sides of that firewall - preferably
    every box in your organization. It isn't enough to stop traffic. Got to
    sniff it and see if there's anything stinky in those payloads. Ewwww,
    FTP over DNS. 
    
    :-)
    
    ------------------------------------
    Andrew Plato, CISSP
    President / Principal Consultant
    Anitian Corporation
    
    (503) 644-5656 office
    (503) 201-0821 cell
    http://www.anitian.com
    ------------------------------------
    
    
    
    
    
    



    This archive was generated by hypermail 2b30 : Mon Jun 24 2002 - 19:58:04 PDT