[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Poor protection offered by most firewalls



PureBytes Links

Trading Reference Links

Dear Mark and Omega List Users

>From my research you need protection from the following.  I don't think any
of the popular commercial firewalls protect from all of these :

Vanilla TCP connect() scanning,
TCP SYN (half open) scanning,
TCP FIN, Xmas, or NULL (stealth) scanning, <<---- looks bad
TCP ftp proxy (bounce attack) scanning
SYN/FIN scanning using IP fragments (bypasses packet filters) <<---looks bad
UDP raw ICMP port unreachable scanning,
ICMP scanning (ping-sweep)
TCP Ping scanning
Direct (non portmapper) RPC scanning
Remote OS Identification by TCP/IP Fingerprinting, and
Reverse-ident scanning

I am sure there are lots of other ways, too....

If you or anyone on the list can figure out a way to protect us, I would be
interested.  Perhaps someone knows what each of these bad-boy items are.

Finally, I would like to emphasize MB's comments.  With the rapid employee
turnover in most high tech companies, I am sure there are many backdoors
programmed into most of the well known products we all use.

Yes, we can just unplug from the internet.  I am sure there is a better way.

Most traders I know have several computers networked together.

Sen