management interface accessability (was Re: Worm / UDP1434)

Christopher L. Morrow chris at UU.NET
Mon Jan 27 20:07:25 UTC 2003




On Mon, 27 Jan 2003 alex at yuriev.com wrote:

>
> > > their computers on 24x7.  They may be infected, and will fire up their
> > > VPN tunnels Monday morning.  This may introduce the worm into the chewy
> > > center of many corporate networks.  Hopefully folks have put the proper
> > > filters in place on their VPN access points.
> >
> > Wait, but isn't your corporate network 'secure' cause its got a super kewl
> > firewall infront of it??
>
> The problem is not firewall. The firewall is a tool to implement a security
> policy. If the security policy is wrong, a firewall wont help you. In fact,
> the best demonstration of a firewall is a Cat5 cable. Working cable is a
> firewall with Allow:Any security policy. Cut in two, the cable is a firewall
> implementing Allow:None security policy.

I forgot my smilies in the original post... it was a joke... I'll try not
to do that again.




More information about the NANOG mailing list