Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: what should I do when....
From: Adriel Desautels <adriel () netragard com>
Date: Thu, 10 Jul 2008 13:15:39 -0400
Easy Sergio:

Social Engineering (my favorite), Infected USB Fob, Physical Entry.
But if you are going to do that then why not just unplug the entire network and do away with the firewall? 

Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Sergio Castro wrote:

Let me try to understand what you are saying. If you block ALL traffic,
inbound and outbound, with a firewall, how then, would a hacker get into the
system? 
-----Mensaje original-----
De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En
nombre de Adriel Desautels
Enviado el: Miércoles, 09 de Julio de 2008 10:00 a.m.
Para: Ansgar -59cobalt- Wiechers
CC: security-basics () securityfocus com
Asunto: Re: what should I do when....

Ansgar,
        You can not bullet proof a computer system by using a firewall even
if you block all traffic to and from that system. In most configurations
firewalls block inbound connection attempts to *internal* systems, while
they permit outbound attempts from those systems.

        It is my opinion that firewalls are not security devices as much as
they are traffic shaping devices. Their job is to control network
connections and the flow of traffic, not to ensure that something can't be
hacked.

Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you
must know  : http://tinyurl.com/26pjsn


Ansgar -59cobalt- Wiechers wrote:

On 2008-07-08 Weir, Jason wrote:
Quote of the day.... 
"Bullet-proofing your systems is as easy as using a firewall"

If it was only true....
It is quite true, you're just underestimating the task of maintaining a firewall. 

Regards
Ansgar Wiechers




__________ NOD32 3257 (20080710) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]