[Dshield] Cannot connect to box so why bother?

Stephane Grobety security at admin.fulgan.com
Wed Mar 20 09:00:35 GMT 2002

S> On my firewall, you literally cannot connect to the box from the
S> outside, remote admin is not possible. If someone were to pound the heck 
S> out of it to try to break the password wouldn't they have to first 
S> connect to the password form or something?

Well, how can you be SURE that you cannot connect to a box ??

Cisco routers have been known to simply bypass the ACLs when under
heavy load, NAT can be abused (although not easily) and someone could
have simply plugged a modem on his computer, two desks from your
own. Border management is essential and it should be your front-line
security. But it really shouldn't be your only one: password security
is also important and I personally wouldn't like to run a network
without an IDS on.

Best regards,
 Stephane

