[Dshield] Cannot connect to box so why bother?
security at admin.fulgan.com
Wed Mar 20 09:00:35 GMT 2002
S> On my firewall, you literally cannot connect to the box from the
S> outside, remote admin is not possible. If someone were to pound the heck
S> out of it to try to break the password wouldn't they have to first
S> connect to the password form or something?
Well, how can you be SURE that you cannot connect to a box ??
Cisco routers have been known to simply bypass the ACLs when under
heavy load, NAT can be abused (although not easily) and somone could
have simply plugged a modem on his computer, two desks from your
own. Border management is essential and it should be your front-line
security. But it really shouldn't be your only one: password security
is also important and I personnaly wouldn't like to run a network
without an IDS on.
Stephane mailto:security at admin.fulgan.com
More information about the list