On Mon, 27 Jan 2003 alex@yuriev.com wrote:
their computers on 24x7. They may be infected, and will fire up their VPN tunnels Monday morning. This may introduce the worm into the chewy center of many corporate networks. Hopefully folks have put the proper filters in place on their VPN access points.
Wait, but isn't your corporate network 'secure' cause its got a super kewl firewall infront of it??
The problem is not firewall. The firewall is a tool to implement a security policy. If the security policy is wrong, a firewall wont help you. In fact, the best demonstration of a firewall is a Cat5 cable. Working cable is a firewall with Allow:Any security policy. Cut in two, the cable is a firewall implementing Allow:None security policy.
I forgot my smilies in the original post... it was a joke... I'll try not to do that again.