Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: RE: PocketPC firewalls

RE: PocketPC firewalls

From: Paul D. Robertson <paul_at_compuwar.net>
Date: Thu, 22 Apr 2004 08:55:22 -0400 (EDT)

On Thu, 22 Apr 2004, Williams Jon wrote:

> That was the take we've had for a while, although recent changes (i.e.
> certain iPAQs coming with built in 802.11 access, etc.) have made us
> question that. Hopefully, these machines won't have mission critical

It's good to revisit it fairly often, but at this point, there's just not
heaps of exploit code out for them. By the time that there's a real
threat, we'll likely have more options for protection. At this point, I'd
seriously look more at strategies for keeping them up to date- since we're
likely to have more of the same client-side "it has to go through the
firewall" problems anyway. I doubt that PocketPC has (but I haven't
looked) all that many dangling services, but I'd bet the Web and mail
clients are about par for the course.

> data on them, but many of the users I know sync their email and address
> books to their PDAs, so some users might inadvertantly have important
> information we wouldn't want leaking. For normal files, we're also
> looking at file-level encryption, but since we were looking at the PDA
> security question, we wanted to make sure we hadn't overlooked anything.
>

Yeah, I just think that at this juncture, a firewall is more of a placebo
than a valuable control. Now, that could change, and if it does, then
ability to have on in place becomes important, but I really don't see it
as a major threat vector for a while (I bet the loss stats for PDAs well
outweigh the attack stats, which well outweigh the successful attack
stats.)

In fact, I'll go out on a limb and say that I doubt there's been a real
PDA attack in the wild, even with 802.11 (and I'd concentrate more on WPA
for folks who use them at home than I would a firewall...)

I'd also hate to take support calls for things that "don't work" on a PDA,
since lots of salespeople *need* them to work *now*. If there's an
alternative browser like Opera available, I'd be looking at rolling that
out well before a firewall.

Just my .02.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul_at_compuwar.net which may have no basis whatsoever in fact."
probertson_at_trusecure.com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Apr 22 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos