Taken to extremes, all the applications running inside the
protected network would have to be duplicated on the
firewall and written in "safe" form. :)
In addition, all incoming code would have to be run
in a sandbox to determine if it does things that
are contrary to the security policy of all inside
machines. If so, the code would be blocked or, heh,
modified to work properly. :)
Per Gustav Ousdal wrote:
>
> > If the network architecture was done correctly and the underlying
> > operating system was hardened to only allow that particular application's
> > protocol to be the only service enabled then it would be very hard to
> > actually get in.. Marcus's assumption is that every firewall admin or
> > firewall admin wannabe misconfigures their firewall on a general basis.
>
> Hmm, well that's not how I interpret Marcus's "assumption". I think he is talking
> about bugs/vulnerabilities in the server (service) listening, that the
> proxy/application gateway does not know about, and thus is not able to block (The
> packet filter(s) can do nothing, since to them this is legal traffic); So even if
> this is the only service listening (and the OS is otherwise hardened) the server will
> be compromised. (So to minimize the effect the server should be run with the least
> possible privileges, and chrooted, but the server will/could still be compromised)
>
> > So I would take his statement with a grain of salt and state that if a
> > security network architecture is set up securely and applications that
> > possibly are vulnerable are placed strategically things will not get
> > broken into as fast as he claims..
>
> Well, his point made sense to me (if I interpreted him correctly). I think we could
> do everything by the book, and still not be safe, because new exploits are sure to
> surface even if we block (either make the proxy aware of them, or fix the bug in the
> server (daemon) itself) all the currently known ones.