[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] MSN and Yahoo messenger
It's good to keep a sense of humor, but given that this is a mailing list primarily for firewall admins - security personel, yes? I would expect someone else to have something concrete to add, for or against. That said, I agree completely, if you want to be truly safe, unplug your edge router and then return to your desk and put your feet up. Point well taken Mr. Parker. ;-) If you need to be connected, read through some of this and come to your own conclusions. - 5/16/02 EDS bans IM products for security's sake. http://www.theregister.co.uk/content/55/25185.html - 4/20/02 CERT Warning Advisory: http://www.cert.org/incident_notes/IN-2002-03.html - 4/11/02 Aphex/Explore worm (spreads via IRC & AIM) http://www.cnn.com/2002/TECH/internet/04/11/messenger.worm.idg/index.html Here's an article from Computerworld.. http://www.computerworld.com/storyba/0,4125,NAV47_STO68932,00.html ) and if you want a less techie read for your management, check out last week's front page story in the McPaper, err, USA Today. You want the bottom of page 1 from 5/29/02 "Instant Messaging at work can open door to hackers". It is purchasable via thier online archives. Go to http://pqasb.pqarchiver.com/USAToday/ and search on "instant messaging" and it will be your #1 return. Bottom line? Everything we do is just risk management. So how much risk do you want to manage? Do you keep your head down or paint a big bullseye on your chest? Something to think about, or joke about. Whatever works for you! - Joe >>> Jim Parker <[email protected]> 06/06/02 06:16PM >>> yes and block port 80 incase someone inadvertently uses the "world wide web" as this can pass viruses too, in fact best practise, unplug your "internet router". > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[email protected]]On Behalf Of Joe > Pampel > Sent: 06 June 2002 21:28 > To: [email protected] > Subject: Re: [FW-1] MSN and Yahoo messenger > > > You should not under any circumstance let these through IMHO. > They present a real threat to your network. > There have been several IM spread virus outbreaks already and > just today CERT issued a bulletin about > the Yahoo product. If people have to IM, either try and get a > professional-grade product with encryption and logging > in place or have them use the web-based AIM product which > does not, as far as I know, allow the remote launching of > apps and file downloads, etc. > I realize this doesn't answer your question, but it's IMHO > very important to understand the risks involved and make sure > that management does as well so the decision to let it > through does not come back to haunt you. My prediction FWIW > is that this is going to get worse before it gets better. > > GD LK > > Joe > > >>> Ken Chan <[email protected]> 06/06/02 04:27AM >>> > Dear all, > > Can someone tell me how to let MSN and Yahoo messenger pass > through the > firewall. > How to add these two services. > > Thanks. > > Regards, > Ken > > ******************************************************** > Ken Chan Email: [email protected] > Tel: (852) 2608 6226 Fax: (852) 2608 6566 > Automated Systems (HK) Ltd. > Software Division - System Services > ******************************************************** > > > > > ********************************************************************** > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you have received this email in error please notify > the system manager. > > This footnote also confirms that this email message has been swept by > MIMEsweeper for the presence of computer viruses. > > www.mimesweeper.com > ********************************************************************** > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|