RE: CRIME AOL Backdoor?

From: Alan (alan@private)
Date: Mon Jun 24 2002 - 20:51:45 PDT

  • Next message: Zot O'Connor: "Re: CRIME Netcraft Ethics"

    On Mon, 2002-06-24 at 19:11, Andrew Plato wrote:
    > 
    > > Object lesson: Firewalls are *useless* at preventing the exporting of 
    > > content from your site. If someone inside is determined to 
    > > get some kind 
    > > of protocol to talk to something outside, and you allow *any* kind of 
    > > connection out, then they can obscure or encrypt the traffic 
    > > so that you won't see it.
    > 
    > Which is why you need an IDS on both sides of that firewall - preferably
    > every box in your organization. It isn't enough to stop traffic. Got to
    > sniff it and see if there's anything stinky in those payloads. Ewwww,
    > FTP over DNS. 
    
    And for every hole you plug, another will be created by someone who is
    being creative.
    
    I remember seeing an implementation of ftp over icmp.
    
    And don't bend over for the SOAP.
    



    This archive was generated by hypermail 2b30 : Mon Jun 24 2002 - 23:24:10 PDT