[Full-Disclosure] [OFFTOPIC] Zone Alarm
yossarian at planet.nl
Thu Jun 5 23:45:26 BST 2003
Paul Schmehl wrote:
> Off course you're right. My point, which I obviously made ineptly, is
> that *everything* must be patched at some point, so the idea that you
> install a DSL router and just forget about it was what I was trying to
> get at. There *is* no panacea for security. It's an ongoing,
> never-ending process of checking and rechecking and rechecking again to
> make sure that there aren't any known holes in your defenses.
An interesting idea could be a CD based embedded XP solution - gives the
windows lovers the interface and us BOFH's full control. Think about it -
make an image with the common apps, map data to drives as binary files, scan
on the server - which could also be an embedded thingie, and if you switch
it off - exit any attack that might be resident somewhere in the system.
Some or a lot of elaboration would probably be necessary, especially on H/W
support, but if all data is mapped to another host - the only approach being
through the memory of the embedded windoze - well, attacks would become a
lot harder. And it'd probably lower the TCO. I think this might be an idea
for SoHo, the second machine could be anything older connected thru a
non-routable protocol. Novell 3.12 - how too stage a tunnel from a
temporarily 0wned XP box with no execute from writeable area's?
Of course throwing in a zonealarm would be nice to keep the users alert on
the all the scanning. This probably would not work for home users, but if
they have to be able to connect to your corporate network, booting from a CD
with embedded, a sort of fingerprint for authentication - or use the
smartcard or whatever two-stage auth., data to be stored thru VPN on the
corporate server - if any - at least they can view their mail, and just
maybe write it to a floppy or USB thingie.... - so they can work at home on
their own messed up boxes without risking the precious corporate network.
Just give the home users a new CD every couple of weeks or months.
Just another approach to a part of this prob - and a lot less patching ....
Full-Disclosure is hosted and sponsored by Secunia.