Firewall Follies

Monday, 2 September 2002, 12:42 PM EST

Do you use the Internet at work? I see lots of hands. You may not realize it, but your access to the Net is most likely mediated by some kind of firewall. Companies are spending thousands, even hundreds of thousands, of dollars on these systemsóand trust them to protect their networks from snoopers and intruders.

Thatís a problem, because firewalls often provide a mere illusion of protection. They donít make business systems significantly more secure. And by focusing attention on defending the perimeter, rather than on defending information assets within an organization, firewalls foster lax internal security practices that magnify the damage that insiders can inflict.

What firewalls do accomplish, however, is this: they make the Internet more cumbersome to use. I recently visited a friendís firm in New York and wanted to check my e-mail, so I plugged my laptop into a network jack in an unused office. Access denied: my PC wasnít set up to work with the companyís firewall. So instead of reading my e-mail, I occupied myself by sniffing the traffic on the office network and probing for a way out. (Had I been inclined, I could have read everybody elseís e-mailóor done real damage.)

[ Read more ]


For all your firewalls information needs, visit the Firewalls outside articles section of HNS.


VPN protocol flaw allows attackers to discover users' true IP address

The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited to reveal the real IP address of users.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Dec 1st