Disclaimer: I do NOT profess great expertise in this field; I only try to make MY
network secure.
Theoretically a well-configured packet filter router can provide a substantial
roadblock to intrusion, depending as well on the internal site configuration.
As you should well know, the general principle is: the more attractive the valuables
inside, the more secure the locks need to be.
Your question seems to beg a specific solution for a VERY general problem.
For example:
1) does the router have (unused) advanced filtering capabilities?
2) is the internal network composed of routable or reserved IPs?
>As a security consultant I encounter many different configurations. One
>of my clients has found themselves in a situation wherein their
>perimeter protection is essentially a packet filtering router. I, and
>the security people in the organization, are well aware of the myriad of
>attacks that will make it through router filters (fragmented packets,
>packets without SYN bit set, etc.) but we are having a hard time
>persuading management that the risk is more than theoretical.
>Discussions of the technical issues just cause their eyes to glaze over.
>
>Does anyone know of a well documented incident that caused significant
>disruption to an organization that used a packet filter router for
>protection instead of a real firewall? I have lots of anecdotal
>accounts from conferences, etc., but nothing that I can point to that
>says "In Oct, 1999 hackers broke through the brand X router used at
>company ABC and reformatted the disks on 11 servers". Without a
>concrete example management will conclude that we are just paranoid.