Jeff says/asks,

> A commonly-held conception in the commercial world (in my experience) is that
> most threats to "corporate security" come from the Internet-at-large, and
> therefore being behind a firewall is a Good Thing and generally Sufficient.

I believe this is a very wrong notion. However I want to point out that even if
one is concerned only/mainly about external threats, a firewall is still only a
very limited solution. In fact, I believe firewalls are no match for a
determined attacker, for the following simple problem with the firewall approach
(rather than with a specific one): firewalls cannot prevent a program running on
the internal network from bypassing it. Now, getting one program to run in one
computer within an organization is fairly easy - any good trojan horse or virus
can do this. So, a determined attacker can bypass any firewall - and
organizations should use additional tools to defend. (and this time I'll stop
here :-)

> Of course there are many references in the literature which dispute that
> one-sided posture, and it is a reasonably commonly-held (again in my
> experience) amongst security weenies that just as many if not more threats may
> emanate from within one's organization (a university being a canonical
> example), but I haven't uncovered any references that directly cite evidence
> quantifying this perception.

I actually remember there being some numbers but I'll have to leave the quote to
those with more stable memory (chips?)...

Best Regards,
Amir Herzberg
Manager, E-Business and Security Technologies
IBM Research Lab in Haifa (Tel Aviv Office)
http://www.hrl.il.ibm.com
New e-mail: [EMAIL PROTECTED]
New Lotus notes mail: amir herzberg/haifa/ibm@IBMIL


