
Part 1: How to Set Up a Linux-Based Firewall for a SOHO

Part 1 of a 3-part series

April 30, 2001
By John R. Vacca

SOHO Firewalls Are Not Safe

It's one thing to rush an application to market without thinking about security. It's another to rush a security application to market. But that's what has happened with several SOHO firewalls -- a product category that was a virtual nonentity a year ago but is now standard fare for anyone on a broadband connection, including telecommuters and mobile users.

SOHO firewalls are designed to block suspicious incoming and outgoing traffic on a client machine or even block an application from using the Internet altogether. It's an important job, since broadband connections are always on and, hence, easy prey for hacker programs that can sniff out their IP addresses. But many of these SOHO firewalls have a design that's easy to compromise with just a few lines of code.

Basically, the hack relies on known behaviors of these products. Since SOHO firewalls watch traffic based on port number and application name, all a hacker has to do is rename a virus or Trojan horse to an application name that end users have likely permitted to access the Internet.

For example, a hacker could rename a rogue file to iexplore.exe, an application name that is not likely to be barred from using the Web. If the end user has set his or her firewall to allow that application to access the Internet, the rogue file's traffic gets through.

Everyone is on the SOHO firewall bandwagon, and hardly anyone is doing it right. A Trojan comes along and calls itself a basic application like netscape.exe, and it's in. This is not some future problem that will appear once the bad guys notice. These Trojans exist.
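To make the weakness concrete, here is an added example (not from the article or any of the products it names) that models two application rules for outbound traffic: the name-based rule these firewalls use, and a rule that pins the executable's content hash instead. The executable images and the allowlists are constructed stand-ins; a real product would hash the on-disk image of the process that opened the socket.

```python
from __future__ import annotations
import hashlib
from dataclasses import dataclass

# Constructed stand-ins for executable images. Real files would be PE images;
# only the fact that their bytes differ matters for this demonstration.
GENUINE_BROWSER = b"MZ genuine iexplore.exe image (constructed sample)"
TROJAN_RENAMED = b"MZ trojan image saved under the name iexplore.exe (constructed)"


def sha256_hex(data: bytes) -> str:
    """Digest of an executable image; this is what a hash-pinned rule compares."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class Process:
    name: str    # file name the firewall sees, e.g. "iexplore.exe"
    image: bytes # bytes of the executable image backing the process


def allow_by_name(proc: Process, allowed_names: set[str]) -> bool:
    """Rule as described in the article: permit if the process name is allowed.
    Anything renamed to a permitted name passes, which is the hole."""
    return proc.name.lower() in allowed_names


def allow_by_hash(proc: Process, allowed_hashes: set[str]) -> bool:
    """Hardened rule: permit only if the image digest matches a pinned value.
    A renamed binary has a different digest and is refused."""
    return sha256_hex(proc.image) in allowed_hashes


# Allowlists as an end user (or vendor default) might have set them up.
NAME_ALLOWLIST = {"iexplore.exe", "netscape.exe"}
HASH_ALLOWLIST = {sha256_hex(GENUINE_BROWSER)}  # pinned when the app was approved


def evaluate(proc: Process) -> dict[str, bool]:
    """Return the verdict of both rules so the difference is visible side by side."""
    return {
        "by_name": allow_by_name(proc, NAME_ALLOWLIST),
        "by_hash": allow_by_hash(proc, HASH_ALLOWLIST),
    }


if __name__ == "__main__":
    for proc in (Process("iexplore.exe", GENUINE_BROWSER),
                 Process("iexplore.exe", TROJAN_RENAMED)):
        print(proc.name, sha256_hex(proc.image)[:12], evaluate(proc))
```

The renamed Trojan is accepted by the name rule and refused by the hash rule; note that a hash-pinned allowlist must be refreshed whenever the genuine application is updated, or the legitimate program is blocked too.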

Hopefully, publicizing this kind of hole will prompt companies to tighten their security measures quickly. Something this simple is scary. If you have persistent connections popping up everywhere, you don't want them to go unchecked.

Other problems are born out of the rush to get products to market. For example, the default settings of Sygate Technologies' firewall leave individual programs open to the Internet until users choose to disable access. Symantec Corp., in an effort to make its product more user-friendly, has a list of applications that automatically get permission to access the Internet so users aren't even presented with the choice. Some products, such as BlackIce Defender from Network Ice Corp., don't yet offer the ability to block outgoing transmissions to the Internet from a client machine when the client acts as a server.

Both points are valid. These firewalls were rushed to market and are poorly designed. Version 1 of these things is not a 100 percent solution; they are more like an 80 percent solution. But business is business. Everyone saw a SOHO firewall out there, and they all had to have one. Most of these offerings have to get much better in their next revision.

While some of the technical vulnerabilities likely will go away in later versions of the products, there is a psychological aspect to the problem. IT managers put an inherent amount of trust in security products, which actually can leave them vulnerable when the products show weaknesses such as these.

Since it is security, a tendency exists to think, "I can set it and forget it." That's asking for trouble. The number of telecommuters using broadband is increasing. In 2002, unfortunately, that means home machines will get trashed. Or they will be the dupes that allow a hacker into a SOHO network.
