Tuesday, January 27, 2009

Spammers are back at it

I blogged two months ago about a sharp decrease in spam, due to removing a big spammer from the Internet, by legal means. The spammers are back, though not yet at their highest level.

The article at Network World.

Monday, January 19, 2009

Friday, January 16, 2009

A firewall is not a security device

If you want to filter things intelligently, you are doing security.
If you review your filtering policies regularly, you are doing security.

But a simple firewall, which typically drops packets going to some ports, is no security device. It's just part of shaping the network. It deals with the normal use of the network, it doesn't help with the following:
  • Confidentiality: think of all the opportunities to sidestep a firewall... The tunnels, the vulnerabilities in the servers and, of course, the HTTP traffic itself which is the biggest threat to confidentiality.
  • Integrity.
  • Availability: it will not help you against DoS attacks, nor against hardware failures...
The firewall is a part of the architecture, allowing to say to the normal users that they are not supposed to use instant messaging, or SSH, or FTP, but it does nothing against an attacker. A firewall is not a security device.

Royal Navy warships lose email in virus infection