Friday, April 26, 2013

firewall-wizards Digest, Vol 64, Issue 15

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: Linked-in and its Phishing-like contacts option! (Jim Seymour)


----------------------------------------------------------------------

Message: 1
Date: Fri, 26 Apr 2013 11:38:48 -0400
From: Jim Seymour <jseymour@LinxNet.com>
Subject: Re: [fw-wiz] Linked-in and its Phishing-like contacts option!
To: firewall-wizards@listserv.icsalabs.com
Message-ID: <20130426113848.086bf080@win0091>
Content-Type: text/plain; charset=US-ASCII

On Wed, 24 Apr 2013 19:26:01 +0000
"Gautier . Rich" <RGautier@drc.com> wrote:

> Thoughts? I'm wondering why User Operational Security falls under the
> realm of Firewall Wizards..

I think of it this way: Firewall security, in and of itself, doesn't
get the job done. You may have the most bullet-proof border the world
has ever seen, but, unless that bullet-proof-ness means essentially
blocking everything, both incoming and outgoing, it will not be
enough. A layered defense is mandatory. One of those layers is
end-user operational security.

Our goal is to protect the organizational jewels, no?

Besides: We've pretty-much beaten stateful/deep-packet inspection vs.
application proxy to death, no? :)

> ... plenty of users seem to
> be perfectly willing to accept the risk (or be unaware of it).

Both, IME.

> However, not much you can do on the firewall side other than turning
> off webmail access...

Turning off webmail access? How would one accomplish that, exactly,
without essentially turning off web access entirely?

As for LinkedIn: I've received so many LinkedIn emails reported as spam
at work that they've occasionally been there. I may have them listed
on my mailserver at home, for the same reason. (Possibly so. Can't say
as I've seen LinkedIn spam for a while.)

This nonsense of them asking for "work email password" is grounds, in
_my_ view, to block them entirely. That's intolerable. I'm going to
see if I can do that.

But I'm old school. I don't believe convenience, golly-gee-whiz-bang,
and _especially_ "social networking" ought to trump security. Generally
my bosses tend to agree. (Esp. ever since a couple of the Big Guys
attended some-or-another network security briefing, which incl. a
retired FBI agent, and were told that "whatever your network security
is, it's probably not good enough" and "for God's sake, whatever you
do, do not lose your network geek" ;).)

Regards,
Jim
--
Note: My mail server employs *very* aggressive anti-spam
filtering. If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.LinxNet.com/contact/scform.php>.


------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 64, Issue 15
************************************************

No comments:

Post a Comment