From: patrick@Verity.COM (Patrick Horgan)
To: kelli@zeus.towson.edu
Message Hash: 7aad50cb9ed519ea31d6adaad901f9c59007d0f97d64fe319d368dd3451f0cd6
Message ID: <9510111604.AA06660@cantina.verity.com>
Reply To: N/A
UTC Datetime: 1995-10-11 16:08:17 UTC
Raw Date: Wed, 11 Oct 95 09:08:17 PDT
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 11 Oct 95 09:08:17 PDT
To: kelli@zeus.towson.edu
Subject: Re: NYT on Internet Flaws
Message-ID: <9510111604.AA06660@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain
> From: "K. M. Ellis" <kelli@zeus.towson.edu>
>
> This one is _really ripe_ for a response to the editor. Ideas?
>
> We could start something off-list if there are several interested in
> co-authoring.
>
I'd love to see something in there about most commercial sites being behind
firewalls without nfs access across the firewall. This greatly reduces the
risk from the nfs problems. If you get your binary via nfs from a trusted
host inaccessible from the internet, then if you have this problem management
can handle it as an employee problem;) There are ways to make secure
firewalls, it's fairly well understood. Sometimes people point to things
like the hack Mitnick did last Christmas, but his attack took advantage of
a couple of things a security expert shouldn't have allowed, first and
foremost two machines were accesible from the internet, and one of them
trusted root logins from the other without a password:(
I could write something up about it if you'd like.
Patrick
_______________________________________________________________________
/ These opinions are mine, and not Verity's (except by coincidence;). \
| (\ |
| Patrick J. Horgan Verity Inc. \\ Have |
| patrick@verity.com 1550 Plymouth Street \\ _ Sword |
| Phone : (415)960-7600 Mountain View \\/ Will |
| FAX : (415)960-7750 California 94303 _/\\ Travel |
\___________________________________________________________\)__________/
Return to October 1995
Return to ““Philip J. Nesser” <pjnesser@rocket.com>”