[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NYT on Internet Flaws

To: [email protected] (Patrick Horgan)
Subject: Re: NYT on Internet Flaws
From: [email protected] (Dr. Frederick B. Cohen)
Date: Wed, 11 Oct 1995 13:23:38 -0400 (EDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Patrick Horgan" at Oct 11, 95 09:04:27 am
Sender: [email protected]

> I'd love to see something in there about most commercial sites being behind
> firewalls without nfs access across the firewall.  This greatly reduces the
> risk from the nfs problems.  If you get your binary via nfs from a trusted
> host inaccessible from the internet, then if you have this problem management
> can handle it as an employee problem;)  There are ways to make secure
> firewalls, it's fairly well understood.  Sometimes people point to things
> like the hack Mitnick did last Christmas, but his attack took advantage of
> a couple of things a security expert shouldn't have allowed, first and
> foremost two machines were accesible from the internet, and one of them
> trusted root logins from the other without a password:(
> 
> I could write something up about it if you'd like.

You might want to refer the NYT to the recent study published by
Computer Security Institute (in info-sec super journal on our W3 site).

There are alse several papers there on "Internet Holes" under Network
Security in the same on-line journal.  Every month, another 5-10 holes
are added to those published in this forum.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

Follow-Ups:
- Re: NYT on Internet Flaws
  - From: Adam Shostack <[email protected]>

References:
- Re: NYT on Internet Flaws
  - From: [email protected] (Patrick Horgan)

Prev by Date: Re: Internet, the cracking machine
Next by Date: Re: NYT on Internet Flaws
Prev by thread: Re: NYT on Internet Flaws
Next by thread: Re: NYT on Internet Flaws
Index(es):
- Date
- Thread