North American Network Operators Group

Re: Level3 routing issues?

  • From: Valdis.Kletnieks
  • Date: Mon Jan 27 16:39:49 2003

On Mon, 27 Jan 2003 16:00:51 EST, [email protected] said:
> It is very easy. 
> 
> Deny everything.
> Allow outbound port 80

Bzzt! You just let in an ActiveX exploit. Or Javascript. Or....

> Allow mail server to 25

Bzzt! You just let in a new Outlook exploit.

> If you need AIM, allow AIM from workstations to oscar.aol.com and whatever
> the name of the other machine.

Bzzt! You just let in an AIM exploit.  That's assuming that you even *know*
what the current name of the other machine is this time around - this
laptop has had 6 IP addresses in as many hours.  Remember there's a reason
why 'talk [email protected]' isn't as common anymore....

> I am failing to see a problem.

Well.. other than you let a box that wants to talk on the VPN get outside
access to 3 things that are *KNOWN* vectors of malware which could then
attack the VPN side of things, no, there's no problem here.
