Matt Curtin <[EMAIL PROTECTED]> writes:
> After seeing the flood of mail about the latest bit of malware and how
> to filter and to disable it, I decided that it's time to spell out the
> problem in some detail and to make a call for sanity.
>
> Abstract:
>
> With the attention received by the ``ILOVEYOU'' worm that floated
> around the Internet in the early part of May 2000, many people are
> wondering why their anti-virus software didn't prevent them from
> becoming infected and how they can protect themselves in the
> future. Here we argue that this approach to the problem, though
> popular, is fatally flawed and simply cannot work.
>
> http://www.interhack.net/pubs/email-trojan/
I generally agree with the content of this article (policy and
education), but it is amazingly hypocritical and potentially damaging.
The introduction to this article lambasts "experts" who jump first to
firewalls and anti-virus software as part of a solution, then turns
right around and provides "expert" opinion that policy and education
are The Only Solution.
This article can harm sites with less experienced security people by
leading them to believe that security is focused only on certain areas
when in fact it covers a broad spectrum.
-- Ken
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
