From: Mark <mark@lochard.com.au>
Date: Thu, 28 Sep 95 23:32:30 PDT
To: asgaard@sos.sll.se (Mats Bergstrom)
Subject: Re: "Notes" to be Eclipsed by "Netscape"
In-Reply-To: <Pine.HPP.3.91.950928205053.16699C-100000@cor.sos.sll.se>
Message-ID: <199509290423.AA52917@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>person for Hewlett-Packard (about the HP internal net with 19
>worldwide connections to the Internet - by the way, allegedly
>no one has ever succeeded in breaking their firewalls)

I am unable to discuss the details of this (so dont ask), but HP's firewall
was breached way back in the early 90's. The breach was not discovered, more
upgraded over so I am unsure as to wether it is still open.

Blanket statements such as company X or firewall Y not being breached are
almost always false. One annecdote is a domain installed a firewall but didnt
bother to examine their internal hosts security. This was a mistake because
a number of hosts were *already* trojaned so an outsider could trigger the
mechanisms to allow entry seamlessly through the firewall. This is a good
arguement for keeping OS versions current.

Have a nice day.

Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.