1995-10-11 - Re: NYT on Internet Flaws

Header Data

From: Jeff Weinstein <jsw@netscape.com>
To: cypherpunks@toad.com
Message Hash: 23f28806d242a41d2294be9e90c632c8ba8e782823ce010ca9fd8f7a25075316
Message ID: <307C4D2F.150B@netscape.com>
Reply To: <9510111604.AA06660@cantina.verity.com>
UTC Datetime: 1995-10-11 23:07:06 UTC
Raw Date: Wed, 11 Oct 95 16:07:06 PDT

Raw message

From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 11 Oct 95 16:07:06 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <9510111604.AA06660@cantina.verity.com>
Message-ID: <307C4D2F.150B@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Patrick Horgan wrote:
> 
> > From: "K. M. Ellis" <kelli@zeus.towson.edu>
> >
> > This one is _really ripe_ for a response to the editor.  Ideas?
> >
> > We could start something off-list if there are several interested in
> > co-authoring.
> >
> I'd love to see something in there about most commercial sites being behind
> firewalls without nfs access across the firewall.  This greatly reduces the
> risk from the nfs problems.  If you get your binary via nfs from a trusted
> host inaccessible from the internet, then if you have this problem management
> can handle it as an employee problem;)  There are ways to make secure
> firewalls, it's fairly well understood.  Sometimes people point to things
> like the hack Mitnick did last Christmas, but his attack took advantage of
> a couple of things a security expert shouldn't have allowed, first and
> foremost two machines were accesible from the internet, and one of them
> trusted root logins from the other without a password:(

  It might also be worth noting that people accessing the net
via an ISP from home do not typically use NFS either.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





Thread