On Wed, 7 Apr 1999, pdmallya wrote:

> A department in my company wants to permit PCs in our network to access
> files in machines on an external network using Netbios file-sharing. I'm
> being told that this does not open any loopholes in our security, because:
> (a) we can connect our network to the external one using a Checkpoint
> Firewall, with a rule permitting NBT connections from our internal PCs to
> the external machines containing the files. There will be no rule permitting
> a reverse connection.
> (b) there will be no shared disks on our network, and the Checkpoint rules
> will enforce this.
> (c) ergo, our network is not exposed in any way.

A couple of things to consider:

1) You have an exposed NBT server outside the firewall.
2) This server must have valid account information for internal users.
3) Most likely logon names and passwords will match your internal systems.
4) You will have an LMHOSTS file or WINS entry that identifies internal
systems.
5) If the exposed system allows null connections, a list of valid users
can be pulled anonymously.
6) If I compromise the external system, I may be able to install
sniffer/trojan software which will monitor outbound activities.

I'm sure others will come up with more, but I'm running late for a
meeting. ;)

Cheers,
Chris
-- 
**************************************
[EMAIL PROTECTED]

* Multiprotocol Network Design & Troubleshooting
http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet
* Mastering Network Security
http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
