Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!yarrina.connect.com.au!munnari.OZ.AU!spool.mu.edu!howland.reston.ans.net!newsfeed.internetmci.com!btnet!demon!pencotts.demon.co.uk From: Andrew Gordon <andrew.gordon@net-tel.co.uk> Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Internet Gateway Security Date: Thu, 30 Nov 1995 15:43:39 GMT Lines: 24 Message-ID: <817746219.4550@pencotts.demon.co.uk> References: <4928bq$8o3@news2.ios.com> <493pu7$7gs@atlas.uniserve.com> <49i19b$m84@buffnet2.buffnet.net> <49k5nd$4uc@gryphon.phoenix.net> NNTP-Posting-Host: pencotts.demon.co.uk X-NNTP-Posting-Host: pencotts.demon.co.uk X-Mailer: Mozilla 1.1N (X11; I; BSD/386 uname failed) MIME-Version: 1.0 X-URL: news:49k5nd$4uc@gryphon.phoenix.net Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii pflores@phoenix.net (Paul Flores) wrote: >: I dissagree - if any machine on your lan runs BOTH IPX and tcp/ip the >: cracker would need only crack that machine, and then use it to crack >: other ipx/novell boxes. > >Hmmm, as long as FTPs into your machines are denied(Something your router >should be able to do), there >isn't a WHOLE lot one can do to a PC running windows, OS/2 or a MAC. :> > This used to be a fair assumption, but in recent years has become much more dangerous. Unless you have VERY strong control over what your users install on their PCs, you should really assume that they are as vulnerable as Unix machines. For example: - OS/2 supports telnet access - All of the above can have FTP servers installed by the user very easily. Possibly even on non-standard ports that you forgot to block at the router.. - Windows4WG has SMB file sharing. If someone installs the Microsoft TCP, and exports some drives, this can potentially exposs the contents of all your hard drives to the outside world... - NFS server capability can similarly be installed.