On Tue, 5 Dec 2000, Kathy wrote:
> If you follow http://www.attrition.org/mirror/attrition/ ,
> it contains a list of hacked websites. Last week, Network Associates and McAfee's
>website in Brazil was hacked.
>
> For a mirror of the hacked NAI web page,
> http://www.attrition.org/mirror/attrition/2000/11/29/www.nai.com.br/
>
> The hackers must have bypassed NAI's Gauntlet firewall and CyberCop monitor?
That's a pretty big leap to make. Most people don't put Web Servers
behind firewalls *especially* proxy-based firewalls. Also, there are a
significant number of Web server attacks that are in-band (HTTP-based
attacks), there's not a great deal a firewall can do about traffic that's
permitted (hence the long and drawn-out ranting about opening up inane
services and protocols yesterday.) Do you have any proof that the Web
site was *behind* a firewall, or is it pure conjecture?
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
