[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

Andrew akohlsmith-le@benshaw.com
Fri Jan 31 11:40:54 PST 2003


> Why not just use application-level proxies for mail, web traffic,
> and any other information that needs to go to and from the outside?
> A company IS department is not a general-purpose ISP.

No thanks.  I dislike proxies in the sense you're describing.  Too many broken 
apps which claim compatibility with a proxy but don't actually work.  I'll 
use my NAT and "super-deluxe" stateful firewall, thanks.

There's security, and then there's realistic security.  A reasonably-paranoid 
NAT and stateful firewall would have also stopped this.  Proxies work great 
so long as everyone plays nice.  Unfortunately not all applications we run 
play nice, and the ones writing the cheques don't particularly care that 
fooWare 2000 doesn't play well with proxies, they just want the software they 
were sold to work.

Regards,
Andrew



More information about the linux-elitists mailing list