Re: one way firewall?

From: Dave Hall <dave-slg_at_no.spam.please>
Date: Wed Aug 22 2007 - 17:53:30 CST

On Wed, Aug 22, 2007 at 09:33:21AM -0600, Chris Friesen wrote:
> Dave Hall wrote:
>
> >I believe that for the application as described, the point is to allow data
> >stored on the insecure box to be accessible by the broader network. This
> >use case is not about preventing targeted compromise where your solution
> >would be ideal.
>
> Sure, that's fair. The main reason why I suggested my solution was that
> Gordon asked if a one-way firewall is possible. While possible, in this
> case it may not be necessary.

The other consideration that drew me to my suggestion is that an
unmonitored firewall can be more dangerous than a host. Mainly because of
the false sense of security it can provide (I'm sure you've heard "we're
secure because we have a firewall") and the fact that it might take a while
to detect a compromise of the firewall. At least with an active host, an
operator (admin or user) is likely to notice weirdness sooner. An attacker
could sit on an unmonitored host for weeks or months collecting information
or hiding tracks before anyone notices.

Again, the mantra of real IT security is that it's about the process,
not the technology.

Received on Wed Aug 22 17:53:53 2007

This archive was generated by hypermail 2.1.8 : Wed Aug 22 2007 - 17:53:57 CST