On Mon, 10 Nov 1997 Hartmut.Fehling_at_Hamburg-Mannheimer.de wrote:
> Example: I have an NT-Host behind the FW which is vulnerable to POD or
> NetBIOS-Attacks. However, the FW-Host is supposed to filter out this kind
> of traffic. How far can I trust the _current_ products to do just that?
In an application layer gateway which doesn't forward, you should be able
to build a high level of trust if you don't have proxies for the
applications *and* the firewall itself isn't vulnerable. In a packet
filtering firewall, as much as you trust the particular implementation.
But of course, proxies get to be the same difficulty when it comes to
things at the application's transport layer.
Trust modeling is complex, and the barriers to entry into a trusted space
are quite high, and the path long. That's why you'll see a lot of us
arguing against jumping to the 'latest and greatest' of anything, be it
OS, product, or service.
Your audit points, ability to have good audits, and following the issues
should give you assurance based on your extension of trust.
Lastly, trust shouldn't be absolute.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
proberts_at_clark.net which may have no basis whatsoever in fact."
PSB#9280
Received on Nov 12 1997
Intro
