> Likewise, it doesn't take a rocket scientist to realize that the name of the
> file can be changed. So having to have these fundamental flaws in architecture
> pointed out to them before they begin to concern themselves with addressing
> them severely damages their credibility at a very fundamental level for me.

This strikes me as an overreaction - what exactly should they be doing? Unless they
perform a checksum on every application every time it connects to the 'Net, this sort
of a problem will likely exist. I would say that checking port numbers and executable
names is pretty good - a standard packet filter makes its decisions based strictly on
ports.

Tools like personal firewalls are not a cure-all. While I think the current hype is
largely that - hype, it's good that people are being told that a personal firewall
isn't an excuse to ignore all other aspects of security. A personal firewall, an
up-to-date virus scanner, and the sense to only execute things you trust will serve
you quite well.

In a corporate environment, users who don't understand this need to be educated, and
users who deliberately ignore these rules should have their 'Net access curtailed.

Mike
----
Michael Owen
IT Security Engineer
NET-TEL Computer Systems Ltd
[EMAIL PROTECTED]
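
Added example, not part of the original message or of any firewall product: a sketch of the two checks the thread contrasts, a rule matched on executable name and port versus the same rule with a checksum of the binary taken on every connection. The names Rule, allow_by_name, allow_by_digest and browser.exe are hypothetical, and the file contents are constructed.

```python
import hashlib
import hmac
import os
import tempfile
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    exe_name: str        # file name the user approved
    ports: frozenset     # remote ports the program may reach
    sha256: str          # digest recorded when the rule was created


def file_sha256(path):
    """Hash the file in chunks so large binaries are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def allow_by_name(rule, path, port):
    """Decision based only on executable name and port."""
    return os.path.basename(path).lower() == rule.exe_name and port in rule.ports


def allow_by_digest(rule, path, port):
    """Same decision, plus a checksum of the binary on every connection."""
    return allow_by_name(rule, path, port) and hmac.compare_digest(
        file_sha256(path), rule.sha256)


def demo():
    """Approve one binary, then present different content under its name."""
    with tempfile.TemporaryDirectory() as d:
        exe = os.path.join(d, "browser.exe")
        with open(exe, "wb") as f:
            f.write(b"constructed bytes: approved program")
        rule = Rule("browser.exe", frozenset({80, 443}), file_sha256(exe))
        before = (allow_by_name(rule, exe, 443), allow_by_digest(rule, exe, 443))
        with open(exe, "wb") as f:        # same name, different content
            f.write(b"constructed bytes: some other program")
        after = (allow_by_name(rule, exe, 443), allow_by_digest(rule, exe, 443))
        return before, after


if __name__ == "__main__":
    print(demo())
```

The digest check costs one full read of the binary per connection, and the stored digest has to be refreshed whenever the approved program is legitimately updated.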