comp.security.firewalls archive
Re: defeating firewalls made easy
Date: Mon May 30 2005 - 01:06:10 CEST
Taking a moment's reflection, itoii 3uvu mused:
|
| all good points . .but the big question this article raises:
|
| can a criminal trespass electronically onto or in a remote computer
| protected by a firewall; and without any assistance from a direct or
| indirect physical trespass of the target computer? this article seems
| to imply an affirmative answer to that question.
Not really. There is no indication in the article that access to
the networks in question was gained via direct exploitation of said
firewalls. As the article states, the data was obtained by "illegally
planting spy software in the targeted computers and downloading their
classified data." It refers to the software as "the illegal raider
software called Trojan Horse."
This would seem to negate your assertion of it being without "any
assistance from a direct or indirect physical trespass." This suggests
a breakdown in security procedures and mandates ... not a breakdown in
firewall security. The spyware was probably delivered via email , or
physical trespass. Due to the gag order, however, specifics probably
won't be known for some time.
Received on Thu Sep 29 19:53:16 2005